Archived U.S. Government Approved Protection Profile - U.S. Government Firewall Protection Profile for Medium Robustness Environments, V1.1
Short Name: pp_fw_mr_v1.1 Technology Type: Firewall CC Version: 3.1 Date: 2007.07.25 Preceded By: pp_fw_mr2.0_v1.0
Sunset Date:
2009.10.01
Conformance Claim: Medium Robustness Protection Profile![]() Validation Report ![]() CC Certificate ![]() Addendum ![]()
PP OVERVIEWThe U.S. Government Firewall Protection Profile for Medium Robustness Environments specifies the minimum-security requirements for network boundary devices that provide controlled connectivity between two or more network environments (hereafter referred to as the Target of Evaluation (TOE)) used by the Department of Defense (DoD) in Medium Robustness Environments. The TOE may be a dedicated device such as a firewall, or an enhancement to some other network device such as a router. The target robustness level of "medium" is specified in the Guidance and Policy for the Department of Defense Global Information Grid Information Assurance (GIG) [2] and is further discussed in Section 3.0 of this PP. The TOE supports user identification and authentication (I&A) where "user" is defined to be a human user acting in a role (i.e., Security Administrator, Cryptographic Administrator, and Audit Administrator) or an authorized IT entity. The TOE provides the capability to pass and block information flows based on a set of rules defined by the Security Administrator. Additionally, the TOE enforces security policies which restrict host-to-host connections to common Internet services such as: Telnet, File Transfer Protocol (FTP), Hypertext Transfer Protocol (HTTP), and Simple Mail Transfer Protocol (SMTP). The TOE supports encryption for remote administration, remote users and authorized IT entities (e.g., certificate server, NTP server), and generates audit data of security relevant events. The assurance requirements are presented in Section 5.3. This PP defines:
SECURITY EVALUATION SUMMARYBecause a PP is written to be implementation-independent, there may be some ambiguities that do not arise until a specific implementation is being evaluated against it. When this happens, a resolution is established through the Observation Decision (OD) process in the form of a Precedent Decision (PD), which is to be used consistently in subsequent evaluations involving the PP in question. The Precedent Decisions specifically associated with this PP are listed below:
ENVIRONMENTAL STRENGTHSThe evaluation of the U. S. Government Firewall Protection Profile for Medium Robustness Environments, Version 1.0 provides specification for environments in which TOEs with various levels of robustness are appropriate to meet Medium Robustness level of independently assured security requirements. The assurance requirements were chosen to be consistent with this goal ASSURANCE MAINTENANCEJuly 25, 2007 This U.S. Government Approved Protection Profile is not assigned to any Validated ProductsThis U.S. Government Approved Protection Profile does not have any related Technical DecisionsPlease forward any Protection Profile specific comments to the applicable Technical Rapid Response Team (TRRT). Please forward any general questions to our Q&A tool. |