Archived U.S. Government Approved Protection Profile - Protection Profile for Intrusion Prevention Systems Extended Package Version 1.0
Short Name: pp_nd_ips_ep_v1.0
Technology Type: Wireless Monitoring
CC Version: 3.1
Sunset Date: 2016.02.27
Conformance Claim: NoneProtection Profile
This EP specifically addresses network-based Intrusion Prevention Systems (IPS). A conformant IPS is a product that is connected to one or more distinct networks and is managed as part of an overall enterprise security solution. In particular, a compliant IPS provides network security administrators with the ability to monitor, collect, log, and react in real-time to potentially malicious network traffic. This EP is focused on inspecting IP traffic (TCP, UDP, ICMP, etc.). This limited scope is intentional for a number of reasons including: to define a reasonable boundary for the scope of testing (assurance measures) defined within the EP and to allow future EPs to address other IPS and functionality that includes scanners, analyzers, sensors, etc. The scope of the EP does not preclude support for inspection of other IP protocols (e.g. GRE, ESP, AH), but the scope of this EP does not include the evaluation of non-IP protocols including layer-2 protocols, or Ethernet.
This U.S. Government Approved Protection Profile is not assigned to any Validated Products
Archived Related Technical Decision
Please forward any Protection Profile specific comments to the applicable Technical Rapid Response Team (TRRT).
Please forward any general questions to our Q&A tool.