Maintenance Addendum EMC Smarts Service Assurance Management (SAM) Suite and Internet Protocol (IP) Management Suite 6.5.1 -RP42, with EMC Smarts Storage Insight for Availability (SIA) 1.0 (December 2007)
Maintenance Report
EMC® Smarts® Service Assurance Management (SAM) Suite
and Internet Protocol (IP) Management Suite 6.5.1-RP42, with
EMC® Smarts® Storage Insight for Availability (SIA) 1.0
Issued by:
Communications Security Establishment
Certification Body
Canadian Common Criteria Evaluation and Certification Scheme
© 2007 Government of Canada, Communications Security Establishment
| Document number | 383-7-18-MR |
|---|---|
| Version | 1.0 |
| Date | December 18, 2007 |
1 Introduction
On 20 November 2007, Electronic Warfare Associates-Canada (EWA-Canada) submitted an Impact Analysis Report to the CCS Certification Body on behalf of EMC Corporation, the developer of the EMC® Smarts® Service Assurance Management (SAM) Suite and Internet Protocol (IP) Management Suite 6.5.1-RP42 with EMC® Smarts® Storage Insight for Availability (SIA) 1.0 (hereafter referred to as the SAM/IP 6.5.1-RP42 with SIA 1.0) product. The Impact Analysis Report is intended to satisfy requirements outlined in version 1.0 of the Common Criteria document CCIMB-2004-02-009: Assurance Continuity: CCRA Requirements. In accordance with those requirements, the Impact Analysis Report (IAR) describes the changes made to SAM/IP 6.5.1-RP42 with SIA 1.0 (the maintained Target of Evaluation), the evidence updated as a result of the changes and the security impact of the changes.
2 Description of changes to the TOE
The following characterizes the changes implemented in the SAM/IP 6.5.1-RP42 with SIA 1.0. For each change, it was verified that there were no required changes to the security functional requirements in the ST, and thorough functional and regression testing was conducted by the developer to ensure that the assurance in the Target of Evaluation (TOE) was maintained. The changes in the SAM/IP 6.5.1-RP42 with SIA 1.0 comprise bug fixes resulting from defects detected and resolved through the QA/test process.
3 Description of Changes to the IT Environment
Changes to the IT Environment are permissible under assurance continuity provided that they do not change the certified TOE. A modified ST was provided which listed the updated software. EMC Corporation subjected the TOE to complete regression testing. The changes to the IT Environment (product) include the added non-security related software Smarts® Storage Insight for Availability (SIA) 1.0 and a product name change.
Affected developer evidence
Modifications to the product necessitated changes to a subset of the developer evidence that was previously submitted for the TOE. The set of affected developer evidence was identified in the IAR.
Modifications to the security target were made to reflect the new product versions.
4 Affected developer evidence
All changes to the TOE were bug fixes. Through functional and regression testing of the SAM/IP 6.5.1-RP42 with SIA 1.0, assurance gained in the original TOE certification was
maintained. As all of the changes to the TOE have been classified as minor, it is the conclusion of the CB that the maintained TOE is appropriate for assurance continuity and re-evaluation is not required.
5 References
- Assurance Continuity: CCRA Requirements, CCIMB-2004-02-009, version 1.0, February 2004
- Technical Oversight for Assurance Continuity of a Certified TOE, version 1.2, October 2005
- Certification Report EAL 2 Evaluation of EMC® Corporation's EMC® Smarts® Service Assurance Management (SAM) Suite and Internet Protocol (IP) Management Suite 6.5.1