Nokia IP130, IP350, and IP380 Firewall/VPN Appliances with Check Point VPN-1/FireWall-1 NG FP2

Nokia Corporation
313 Fairchild Drive
Mountain View, California
USA 52520

The Nokia IP130, IP350, and IP380 Firewall/VPN Appliances with Check Point VPN-1/FireWall-1 NG FP2 was the subject of a Common Criteria evaluation performed by the Common Criteria Evaluation Facility at EWA-Canada, located in Ottawa, Ontario, Canada. The evaluation was completed in August 2005.

The evaluation of the Nokia IP130, IP350, and IP380 Firewall/VPN Appliances with Check Point VPN-1/ FireWall-1 NG FP2 determined that this Information Technology (IT) product can be trusted, to an assurance level of EAL 4, to conform to the requirements of the associated security target.

The Nokia IP130, IP350, and IP380 Firewall/VPN Appliances with Check Point VPN-1/FireWall-1 NG FP2 provides firewall and virtual private network functionality to secure the communication between networks. It also provides the capability to securely configure and administer the product itself. The TOE's ability to invoke the VPN when required as per the established security policies was evaluated; however, correct operation of the VPN functionality was not included as a part of this evaluation. The Nokia IP130, IP350, and IP380 Firewall/VPN Appliances with Check Point VPN-1/FireWall-1 NG FP2 supervises traffic, belonging to the complete IP (Internet Protocol) family of protocols, which passes between networks physically connected to the computer system which hosts the TOE.

The evaluated configuration consists of:

  • A number of separate but communicating instances of the TOE executing on any computer system from the family of workstations, servers and security Appliances which support one of the following operating systems:
    • Nokia IPSO 3.5
    • Nokia IPSO 3.5.1
    • Windows 2000
  • The Check Point Management Server module running on a system with the Windows 2000 operating system and residing on a secure LAN.
  • The Check Point Graphical User Interface module running on a system with the Windows 2000 operating system and residing on the same protected LAN as the Management Server.
  • The Check Point VPN-1 SecureClient module running on a system with the Windows 2000 operating system and residing outside of the protected LAN.
  • One or more Check Point VPN-1/FireWall-1 NG FP2 modules running on one of the secure computer systems described above and residing either on the same protected LAN as the Management Server or outside of the protected LAN.
  • The Check Point Policy Server module running on a system which also has a VPN-1/FireWall-1 NG FP2 module installed and which resides on the protected LAN.

The scope of this evaluation is defined by the security target, which identifies assumptions made during the evaluation, the intended environment for the Nokia IP130, IP350, and IP380 Firewall/VPN Appliances with Check Point VPN-1/FireWall-1 NG FP2, the IT security requirements to be met, and the level of confidence (evaluation assurance level) to which it is asserted that the Nokia IP130, IP350, and IP380 Firewall/VPN Appliances with Check Point VPN-1/FireWall-1 NG FP2 satisfies its IT security requirements. Consumers are advised to verify that their operating environment is consistent with the security target, and to give due consideration to the recommendations stated in the certification report.

Security Target: PDF * Accessibility Notice * Official Languages Notice

Certification Report: HTML | PDF

Certificate of Evaluation: HTML | PDF