LANCOM solutions for highly secure site connectivity are based on the LANCOM CC portfolio with highly integrated and field-tested LANCOM network components for pronounced demands of security. The CC portfolio has been developed and manufactured in Germany and comprises a comprehensive, certified, guaranteed “free of backdoors” protection (CC EAL 4+) against cyber attacks – with all the flexibility and scope of interfaces of modern business routers. On top of that, LANCOM Systems commits itself to the complete absence of any hidden means of access – that is backdoors!
Common Criteria is an internationally recognized standard for the certification of hardware and software in terms of data security. CC certification is available for different Evaluation Assurance Levels (EAL), which represent the depth and extent of an evaluation. There are seven different levels of certification, from EAL 1 to EAL 7, each of which builds on the previous level by extension or by the addition of new components. An enormous amount of effort was invested in the evaluation process, which was conducted over a number of years. The entire source code, the extensive documentation, and the specified security target were tested by independent experts. The software development is conducted inside a high-security zone. The products were closely examined with regard to their functionalities and potential vulnerabilities and were subject to several hundreds of system and module tests. Furthermore, the cryptographic algorithms (AES, RSA, Diffie-Hellman), the hashing routines (SHA), as well as the cryptographically secure random number generator have all been exhaustively tested. The certification by the German Federal Office for Information Security guarantees that the evaluation of LANCOM products corresponds to highest standards in the world. CC EAL 4+ is the highest level of certification that a commercial networking product of this complexity can obtain.
LANCOM CC products provide comprehensive protection for all institutions where the operation of certified products is mandatory, respectively for those with pronounced demands for security, such as public authorities, financial services, commercial enterprises, industrial plants and critical infrastructures. They are the basis for securing critical infrastructures and protect against cyber attacks:
- Protection against listening in on sensitive data and voice connections (e.g. sniffing and eavesdropping)
- Protection against simulating a wrong identity of a user on the opposing side (man-in-the-middle attacks)
- Protection against sabotaging the availability of transmission paths (denial-of-service attacks)
Likewise, existing network infrastructures can be upgraded with LANCOM CC products for implementing highly secure sub-areas. This assures you that highly sensitive data is exchanged exclusively within this highly secure network. Your development departments, management-board offices, or other critical areas remain separate from the rest of the company network.
The certification makes the difference. All LANCOM products – certified or not certified – are based on the LANCOM security pledge and provide maximum security, which is significantly higher than the general level in the market. The certification by the German Federal Office for Information Security (BSI) confirms this high-security with an independent, highly demanding testing of the specially designed high-security version of our LCOS firmware – LCOS 8.70 CC. LCOS 8.70 CC enables highly secure operations of a VPN based on the strict Common Criteria (CC) policies. In this certified CC mode, only highly secure interfaces, protocols, and functions are available. Furthermore, the start-up procedure for the certified CC mode is clearly defined.
Yes. You can load any LCOS firmware into LANCOM CC products. These LCOS versions, however, are not certified according to CC EAL 4+. Hence, a certified CC mode is only possible with LCOS 8.70 CC.
No. The certified high-security firmware LCOS 8.70 CC can only be loaded into dedicated LANCOM CC products. However, you can easily extend your existing network with CC products.
LANCOM CC VPN routers offer a combination of product features which is unique on the market: They are based on the field-proven LANCOM router technology with high flexibility and large scope of interfaces. The products are developed and manufactured in Germany and – just like all LANCOM routers and access points – guaranteed to be free of backdoors. In combination with the highly extensive certification by the German Federal Office for Information Security (BSI) – certified areas cover IPSec VPN, backup and redundancy, routing, firewalling, usage of digital certificates, network virtualization (ARF), and management – and all available at a reasonable price, making this offer unique in the market.
The certification process with regard to LANCOM CC products brings about many security benefits for all LANCOM products: The entire software development is conducted inside a high-security zone and many security aspects of LCOS 8.70 CC have been implemented into the standard LCOS version. This makes all “standard” LANCOM products more secure, the only difference is the independently and audited certification of the applied security firmware LCOS 8.70 CC for LANCOM CC products, which guarantees a configuration for high-security operations based on CC EAL 4+.
Yes. As long as several years ago, LANCOM made a commitment for the complete absence of any hidden means of access (backdoors, magic packets, etc.) for all LANCOM products. This self-commitment is adhered to consequently, since backdoors pose a high security risk for IT infrastructures.
For a simplified overview of the steps that lead to a certified start-up of LANCOM CC devices, please see the section "Configuration". An essential part of the certified start-up is the generation of a highly secure random number via a trustworthy smart card, as included in the LANCOM CC Start-up Kit. The software random number generator uses this random number (seed) for generating further random numbers, for instance for the creation of cryptographically highly secure keys and certificates.
In the certified CC mode, only a simple “red/green” status monitoring via ICMP is possible. More in-depth status information can be monitored via SSH. Since SNMP has to be deactivated in certified CC mode, using SNMP-based monitoring tools, such as LANmonitor or LANCOM Large Scale Monitor, is not possible.
LANCOM CC products have to be started-up for operation in the certified CC mode according to a special guidance documentation. This includes a number of special start-up procedures.
For a more convenient start-up, LANCOM Systems offers a special package of accessories, the LANCOM CC Start-up Kit, as well as an adapted CC setup wizard (as of LANconfig 8.82 RU1).
After the first start-up, the CC devices can be managed locally via SSH and remotely via VPN (CLI, LANconfig as of version 8.82 and LANCOM LSR)
For VPN connections to be established in certified CC mode, at least one of the two remote stations has to be assigned fixed IP addresses. Both the usage of preshared keys as well as the use of digital certificates is possible. If digital certificates are used, only self-signed certificates without central Certificate Authority (CA) can be applied. Hence, for certificate-based VPN connections, each device has to be assigned a private, self-signed certificate. All other VPN functionalities are still available, however, not according to CC conformity.
LANCOM WLAN devices are not subject to the certification based on CC EAL 4+. However, WLAN infrastructures can be easily implemented behind LANCOM routers in CC operation, such as for secure WLAN access for employees.
Due to security reasons, a number of unencrypted protocols are not available in CC-compliant operations. However, highly secure protocols for different applications can be used: Monitoring can be conducted via SYSLOG and ICMP instead of via SNMP; management is possible via SSHv2 instead of via TELNET. All interfaces and protocols which could compromise the system’s security are deactivated by default (e.g. ISDN or USB). Nonetheless, all functionalities can be activated outside of CC-compliant operations as necessary. For quick and easy conformity testing and setting, a command can be executed via the command line of the device.