TD0591: NIT Technical Decision for Virtual TOEs and hypervisors
The NIT has issued a technical decision for Virtual TOEs and hypervisors.
NDcPPv2.2e Section 1.2 describes two cases applicable to evaluating virtual TOEs. In Case 1, the virtual TOE is represented by the vND alone. In Case 2, the virtual TOE is evaluated as a pND (physical network device), where the VS (virtualization system) is considered part of the TOE. The restriction on allowing other guest VMs is only applicable to Case 2.
To further clarify this point, the following changes shall be made:
The second paragraph of A.LIMITED_FUNCTIONALITY is replaced as follows:
If a virtual TOE evaluated as a pND, following Case 2 vNDs as specified in Section 1.2, the VS is considered part of the TOE with only one vND instance for each physical hardware platform. The exception being where components of a distributed TOE run inside more than one virtual machine (VM) on a single VS. In Case 2 vND, no non-TOE guest VMs are allowed on the platform.
In the Acronyms section of NDcPP, the entry for TSF shall be replaced as follows:
TOE Security Functionality
TSF = TOE for pND or Case 1 vND according to section 1.2
TSF = TOE + VS for Case 2 vND (vND evaluated as a pND) according to section 1.2
For further information, please see the NIT Interpretation at: https://www.niap-ccevs.org/Documents_and_Guidance/ccevs/NITDecisionRFI202100.pdf
See issue description.