Certified Product: FortiManager Appliances running Firmware 5.2.4

FortiManager Appliances running Firmware 5.2.4 (hereafter referred to as the Target of Evaluation, or TOE) from Fortinet, Inc., was the subject of a Common Criteria evaluation performed by the Common Criteria Evaluation Facility at CGI IT Security Evaluation & Test Facility. The evaluation was completed in July 2016.

The evaluation of the TOE determined that this Information Technology (IT) product is conformant to the Protection Profile for Network Devices Version 1.1, 8 June 2012 with Errata #3.

The TOE is a network management appliance which manages multiple Fortinet devices, providing centralized configuration management, updates for firmware, virus and attack signatures, web and email filtering. The TOE implements a FIPS 140-2 validated module to secure communications to trusted administrators and to secure generated audit logs in transit to an external audit server.

The scope of this evaluation is defined by the security target, which identifies assumptions made during the evaluation, the intended environment for the TOE, the IT security requirements to be met, and the level of confidence (evaluation assurance level) to which it is asserted that the TOE satisfies its IT security requirements.

Consumers are advised to carefully review the certification report to gain an understanding of the security functionality, the evaluated configuration, and the intended operating environment for the TOE.