NIAP: Archived U.S. Government Approved Protection Profile - U.S. Government Protection Profile for Traffic Filter Firewall in Basi...

NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems
Questions?  We're here to help
  NIAP  »»  Protection Profiles  »»  Archived PPs  »»  Details  
Archived U.S. Government Approved Protection Profile - U.S. Government Protection Profile for Traffic Filter Firewall in Basic Robustness Environments Version 1.1

Short Name: pp_fw_tf_br_v1.1

Technology Type: Firewall

CC Version: 3.1

Date: 2007.07.25

Preceded By: pp_fw_tf_lr_v1.1

Sunset Date: 2011.06.01 [Sunset Icon]

Conformance Claim: EAL2 Augmented

Protection Profile [PDF]

Addendum [PDF]



Herewith a brief summary, sufficiently detailed to enable a potential user to determine whether the PP is of interest.

This traffic-filter firewall Protection Profile defines the minimum security requirements for firewalls used by U.S Government organizations handling unclassified information in a low-risk environment. Firewalls may consist of one or more devices that act as part of an organization’s overall security defense by isolating an organization’s internal network from the Internet or other external networks. Firewalls pass and block information flows based on a set of screening rules defined by an authorized administrator. This Protection Profile applies to firewalls that are capable of screening network traffic at the network and transport protocol levels, authenticating the authorized administrator for actions at the firewall, and auditing security-relevant events that occur.


July 25, 2007 – Assurance maintenance has been performed on this protection profile to update it to the common criteria version 3.1. This update caused a change in version number (from 1.0 to 1.1) that indicates an update has occurred. The updates included revisions based on the assurance requirements of the CC 3.1, removal of FPT_SEP and FPT_RVM since it is now covered by ADV_ARC and replacement of Explicitly stated requirements with Extended requirements (only the nomenclature changed and not the requirements.) Cryptographic functional requirements were also revised to reflect the latest updated standards.

This U.S. Government Approved Protection Profile is not assigned to any Validated Products

This U.S. Government Approved Protection Profile does not have any related Technical Decisions

Please forward any Protection Profile specific comments to the applicable Technical Rapid Response Team (TRRT).

Please forward any general questions to our Q&A tool.

Site Map              Contact Us              Home