Juniper Networks Junos Pulse Access Control Service 4.2 R4

 
PROJECT ID
C039
ASSURANCE LEVEL
EAL3+ ALC_FLR.2
Security Target (ST)
 
Certification Report (CR)
 
PRODUCT NAME AND VERSION
Juniper Networks Junos Pulse Access Control Service 4.2 R4
PRODUCT TYPE
An appliance and software client running on a remote IT system that provides the control point for Juniper Networks' Unified Access Control (UAC) solution.
PRODUCT SPONSOR / DEVELOPER

Juniper Networks, Inc.

PRODUCT SPONSOR / DEVELOPER CONTACT DETAILS

Juniper Networks, Inc
1194 North Matilda Avenue,
Sunnyvale, California 94089-1206
UNITED STATES

URL: http://www.juniper.net
Tel: 978 589 8822

The Target of Evaluation (TOE), Juniper Networks Junos Pulse Access Control Service 4.2 R4 (hereafter referred to as Unified Access Control (UAC)), is an appliance and software client running on a remote IT system. The TOE provides the central control point for Juniper Networks’ Unified Access Control (UAC) solution.

Users contact the TOE using a variety of clients in order to request network access. The TOE authenticates users and retrieves the access policies for those users. The TOE also assesses the health of a user’s host machine and compares it to the policies in order to determine whether network access is allowed. Authorised users can communicate with a variety of enforcement points (including Juniper endpoint client filters, Juniper firewalls, and standard 802.1X-enabled switches or wireless access points) to communicate the network access constraints based on the TOE’s decision. The enforcement points will allow or deny access based on the TOE’s result of authentication and policy compliance.

In the context of the evaluation, the TOE provides the following major security features:

  • Generates audit records of security events.
  • Cryptographic support for secure communications between the TOE and other IT entities in order to authenticate users and to transmit authorisations to enforcement points.
  • Information flow control to prevent unwanted and non-compliant endpoints from gaining access to the local area network. The TOE compares endpoint configuration with defined security policies; a non-compliant endpoint is not allowed full access to the network.
  • All users are required to perform identification and authentication before any information flows are permitted. Administrators must also be authenticated before performing any administrative functions.
  • Security management functions for administrators to configure the TOE, manage users, and manage information flow policy and auditing activities.