The following Juniper Networks devices with Junos 13.3 and 13.2X software are both Common Criteria Certified and listed on the NIAP Product Compliant List (PCL).
M7i, M10i, M120, M320
MX5, MX10, MX40, MX80, MX104, MX240, MX480, MX960, MX2010, MX2020
T640, T1600, T4000
PTX3000, PTX5000
QFX5100
EX9200, EX8200, EX6200, EX4550, EX4500, EX4300, EX4200, EX3300, EX3200, EX2200.
This is the first time the MX104, MX2010, MX2020, T4000, PTX3000, PTX5000, QFX5100, EX9200, EX4550, EX4300, and EX2200 have been listed on the NIAP PCL.
The Security Target is available here and the Certification Report can be found here.
These devices have been Common Criteria Certified against the NIAP Network Device Protection Profile (NDPP) for several months. Because the Common Criteria Certification was done in Canada, NIAP reviews the results before posting on the NIAP PCL.
Listing on the NIAP PCL is required by Federal policy for many different cases. First, as the NIAP PCL webpage states- “U.S. Customers (designated approving authorities, authorizing officials, integrators, etc.) may treat these mutually-recognized evaluation results as complying with the Committee on National Security Systems Policy (CNSSP) 11 National Policy Governing the Acquisition of Information Assurance (IA) and IA-Enabled Information Technology (IT) Products - dated June 2013 (https://www.cnss.gov/policies.html)”. CNSSP 11 applies to any US Government system carrying classified data at any level and to systems carrying certain command and control traffic regardless of the classification.
NIAP PCL listing is required by the DISA Security Technical Implementation Guide (STIG)s for many product categories. NIAP PCL listing is required for DoD Cloud providers who are handling Impact Level 5 and 6 information, and in other Federal Government acquisitions that require the NIST 800-53, rev 4- SA-4 (7) control.