Archived U.S. Government Approved Protection Profile - U.S. Government Protection Profile Intrusion Detection System - Sensor for Basic Robustness Environments, Version 1.3
Short Name: pp_ids_sen_br_v1.3
Technology Type: IDS/IPS
CC Version: 3.1
Date: 25 July 2007
Preceded By: pp_ids_sen_v1.2
Sunset Date: 01 June 2011
Conformance Claim: EAL2 Augmented
Please note: This serves as an addendum to the VR for the Original Evaluated PP
Herewith a brief summary, sufficiently detailed to enable a potential user to determine whether the PP is of interest.
The Common Criteria (CC) Intrusion Detection System Sensor Protection Profile specifies a set of security functional and assurance requirements for Information Technology (IT) products. An Intrusion Detection System (IDS) monitors an IT System for activity that may inappropriately affect the IT System's assets. An IT System may range from a computer system to a computer network. An IDS consists of Sensors, Scanners and Analyzers. Sensors and Scanners collect information regarding IT System activity and vulnerabilities, and they forward the collected information to Analyzers. Analyzers perform intrusion analysis and reporting of the collected information.
Intrusion Detection System Sensor Protection Profile-conformant products support the ability to real-time monitor a set of IT resources in order to identify events that may be indicative of potential vulnerabilities in or misuse of those IT resources. Intrusion Detection System Sensor Protection Profile-conformant products also provide the ability to protect themselves and their associated data from unauthorized access or modification and ensure accountability for authorized actions.
The Intrusion Detection System Sensor Protection Profile provides for a level of protection which is appropriate for IT environments that require detection of malicious and inadvertent attempts to gain inappropriate access to IT resources, where the IDS can be appropriately protected from hostile attacks. Though products that are Intrusion Detection System Sensor Protection Profile-conformant can be used to monitor a system or network in a hostile environment, they are not designed to resist direct, hostile attacks. The Intrusion Detection System Sensor Protection Profile does not fully address the threats posed by malicious administrative or system development personnel. This profile is also not intended to result in products that are foolproof and able to detect intrusion attempts by hostile and well-funded attackers. Intrusion Detection System Sensor Protection Profile-conformant products are suitable for use in both commercial and government environments.
The Intrusion Detection System Sensor Protection Profile was constructed to provide a target and metric for the development of Sensors. This protection profile identifies security functions and assurances that represent the lowest common set of requirements that should be addressed by a useful Sensor product.
The Intrusion Detection System Sensor Protection Profile is generally applicable to products regardless of whether they are embedded, stand-alone, centralized, or distributed. However, it addresses only security requirements and not any special considerations of any particular product design.
It should be noted that just because a Sensor may be conformant with this Protection Profile, that Sensor should not be assumed to be interoperable with any other IDS component evaluated against a Protection Profile in the Intrusion Detection System family of Protection Profiles. There are no requirements for interoperability within the Protection Profiles.
July 25, 2007
Assurance maintenance has been performed on this protection profile to update it to the common criteria version 3.1. This update caused a change in version number (from 1.2 to 1.3) that indicates an update has occurred. The updates included revisions based on the assurance requirements of the CC 3.1, removal of FPT_SEP and FPT_RVM since it is now covered by ADV_ARC and replacement of Explicitly stated requirements with Extended requirements (only the nomenclature changed and not the requirements.)
This U.S. Government Approved Protection Profile is not assigned to any Validated Products
Please forward any questions or comments to email@example.com