Evaluated Product - Details

Return to the EPL index

Aruba Networks Virtual Mobility Controller (hardened Chassis running VMware ESXi) with ArubaOS - 1.3 FIPS

Product type: Network and Network Related Devices and Systems
Product Status: Completed
Assurance Level: Protection Profile

Version: ArubaOS VMC - 1.3 FIPS

Product Details

Product Description

Certification Country: AUSTRALIA/NEW ZEALAND (2017)
Certificate Details: 2017/107
Certification Method: CC

PP Compliance: Protection Profile - Security Requirements for Network Devices , v1.1 with Errata #3 applied (NDPP) Protection Profile - Network Device Protection Profile (NDPP) Extended Package Stateful Traffic Filter Firewall, v1.0 (FW-EP) Protection Profile - Network Device Protection Profile (NDPP) Extended Package VPN Gateway, v1.1 (VPNGW-EP)

Evaluation Facility: CSC
Manufacturer/Vendor/Distributor: Aruba Networks

Aruba Networks

Suite 303, 54 Miller Street
North Sydney NSW 2060 Australia
Website: http://www.arubanetworks.com


Steve Weingart
Public Sector Certifications
CA 94089 CA 94089 US
Phone: 830.580.1544
Mobile: 210.516.5736
Website: http://www.arubanetworks.com


Security Target
CC Certificate
Certification Report

The Aruba Networks Virtual Mobility Controller (VMC) is a virtualised network device encompassing stateful traffic filter firewall and VPN gateway. It serves as a gateway between wired and wireless networks and provides command-and-control over Access Points (APs) within an Aruba dependant wireless network. ArubaOS VMC - 1.3 FIPS is the underlying operating system of the Virtual Mobile Controller (VMC), which runs on top of VMware ESXi and was evaluated on the following platforms:


PacStar 451 Small Server Module (Intel 4th-Generation Core i5 or Core i7)
Information Assurance Specialists IAS Router MICRO Extreme network appliance (contains the IAS VPN Gateway Module CLASSIC using Intel 4th-Generation Core i5)
Klas Telecom Voyager VMm (Intel 5th-Generation Core i3)
DTECH Labs M3-SE-SVR3Q (Intel 3rd-Generation Core i7)


 The TOE provides the following security functions:

  • Protected communications. The TOE protects the following communication flows:
    • WebUI. Communication with the administrative web user interface (WebUI) is protected using TLS/HTTPS
    • CLI. Remote administration via the Command Line Interface (CLI) is protected using SSHv2
    • Syslog. Syslog messages are protected using IPSec
    • Radius. Radius authentication messages are protected using IPSec
    • Verifiable updates. Updates are digitally signed and verified upon installation utilising digital signatures.
  • System monitoring. The TOE maintains an audit log of administrative and security relevant events. Logs can optionally be delivered to a Syslog server
  • Secure administration. The TOE provides administration interfaces for configuration and monitoring. The TOE authenticates administrators and implements session timeouts
  • Residual information clearing. The TOE ensures that network packets sent from the TOE do not include data "left over" from the processing of previous network information
  • Self-test. The TOE performs both power-up and conditional self-tests to verify correct and secure operation
  • Firewall. The TOE performs stateful packet filtering. Wireless clients connecting through APs are placed into user-roles. Stateful packet filter policies are applied to these user-roles to allow fine grained control over wireless traffic
  • VPN gateway. The TOE may be used as a VPN gateway – a device at the edge of a private network that terminates an IPsec tunnel, which provides device authentication, confidentiality, and integrity of information traversing a public or untrusted network.