In order to clarify FTP_ITC requirements in the VPN GW EP v1.1 related to remote administration and communication with the audit server for FAU_STG, the Application Note is being revised.

Revised wording for VPN GW EP Application Note for FTP_ITC states:

The NDPP allows trusted channels other than IPsec to be available for communication with external IT entities but defers to this EP to specify VPN Gateway functionality. To be compliant with this EP, the selection is made such that the TOE must provide the IPsec protocol for its VPN Gateway functionality. Protection (by at least one of the listed protocols) is required at least for communications with the server that collects the audit information (per the NDPP). For communication with any other authorized IT entity, the ST author makes the appropriate selections/assignments and includes the related requirements from Annex C corresponding to their selections.

Refinement of FTP_ITC requirement needed to provide clarification of the requirement.