Evaluated Product - Details

Return to the EPL index

Senetas CN Series Application Software v2.7.1 & Senetas CM Management Application Software v7.5.1

Product type: Network and Network Related Devices and Systems
Product Status: Completed
Assurance Level: EAL2+ ALC_FLR.2

Version: CN series Application Software version 2.7.1 and CM7 Management Application Software version 7.5.1
Components: Senetas CN 4010 1Gb Ethernet Encryptor; Senetas CN 4020 1Gb Ethernet Encryptor; Senetas CN 6010 1Gb Ethernet Encryptor; Senetas CN 6040 Switchable 1Gb Ethernet and 1-4Gb Fibre Channel Encryptor; Senetas CN 6100 10Gb Ethernet Encryptor; Senetas CN 8000 Multislot Switchable 1-10Gb Ethernet and 1-4Gb Fibre Channel Encryptor

Product Details

Product Description

Certification Country: AUSTRALIA/NEW ZEALAND (2017)
Certificate Details: 2017/106
Certification Method: CC
Evaluation Facility: CSC
Manufacturer/Vendor/Distributor: Senetas Security Ltd

Senetas Security Ltd

312 Kings Way
South Melbourne Victoria 3205 Australia
Website: http://www.senetas.com
Product Website: http://www.senetas.com


John Weston
Phone: (03) 9868 4588
Fax: (03) 9821 4899
Email: John.Weston@senetas.com


Security Target
Certification Report

The Senetas CN series encryptors are high-speed, standards based multi-protocol encryptors specifically designed to secure voice, data and video information transmitted over Fibre Channel and Ethernet Networks. They can be deployed within Networks employing data rates up to 10 Gigabits per second and provide support for the AES algorithm. All of the encryptors in the CN series offer a single encryption path per encryptor except for the CN8000 Multi-slot encryptor which supports up to 10 interface/ high speed crypto cards (Slots) per chassis, each independently configurable as 1G or 10G Ethernet or 1, 2, 4G Fibre Channel. The encryptors also provide access control facilities using access rules for each defined Ethernet and Fibre Channel connection.

The Senetas CN Series Ethernet connects to the Local Area Network (LAN) or Wide Area Network (WAN) using 10/100/1000 BaseT RJ45 or Optical Fibre connectors. When operating at full bandwidth, the Ethernet encryptor will not discard any valid Ethernet frames for all modes of operation.

The Senetas CN series Fibre Channel connects to Fibre Channel links to provide traffic encryption over point to point (link) network segments at speeds of 1, 2, and 4 Gbps. Single and Multi Mode Optical Interfaces can be used to provide short and long haul transmission capability. The product has been designed to integrate simply and transparently into existing Fibre Channel network architectures and provides the ability to encrypt Fibre Channel traffic with no packet expansion, and minimal management overhead, allowing full line speed data throughput.

The CN8000 and CN6040 products are user switchable between Fibre Channel and Ethernet encryption modes within the same physical encryptor. 

The TOE provides the following security functionality:

 Audit – The TOE is able to generate auditable data for security relevant events

 Certificate Management – certificates will be maintained for the use by the product

 Protected Data Exchange – the confidentiality of packets sent over the untrusted network will be maintained

 Identification and Authentication – of administrative users who are responsible for the configuration and monitoring of the TOE

 Key Management – will be used in implementing security functions

 Information Flow Control – controlling the flow of received Ethernet or Fibre frames from external hosts

 Role-Based Access Control – restriction of users to different configuration interfaces based on the role they are assigned

 Secure Remote Management – remote administration by the CM Management Application allows for secure management and configuration of the TOE

 Self Protection – the TOE will protect against unauthorised access to the physical security of the TOE.