Archived U.S. Government Approved Protection Profile - Extended Package for SIP Server Version 2.0
Short Name: pp_ndcpp_sip_ep_v2.0
Technology Type: SIP Server
CC Version: 3.1
Preceded By: pp_nd_sip_ep_v1.1
Succeeded By: ep_esc_v1.0
Sunset Date: 2017.04.25
Conformance Claim: NoneProtection Profile
This Extended Package (EP) describes the security requirements for a Session Initiation Protocol (SIP) Server and provides a minimal baseline set of requirements targeted at mitigating well defined threats. However, this EP is not complete in itself, but rather extends the collaborative Protection Profile for Network Devices (NDcPP). This introduction will describe the features of a compliant Target of Evaluation (TOE), and will also discuss how this EP is to be used in conjunction with the NDcPP.
Since this PP is designated for the SIP Server, is should be understood that the Target of Evaluation (TOE) is the SIP Server and “SIP Server” and “TOE” are used interchangeably within this document.
This is an EP for a SIP Server. The Voice over IP (VoIP) infrastructure for an enterprise can vary greatly, both in size and complexity. Many kinds of functionality are possible, often desirable, and sometimes necessary – including Session Border Controllers (SBC), gateways, trunking, Network Address Translation (NAT), and firewall traversal. The SIP Server interacts with a VoIP client and provides registrar and proxy capabilities required for call-session management as well as establishing, processing, and terminating VoIP calls. As a registered server, the SIP Server accepts REGISTER requests and places the information received into the location service on the SIP Server. As a SIP proxy server, the SIP Server is a stateful server that manages transactions to route SIP requests and responses.
Since this EP builds on the NDcPP, conformant TOEs are obligated to implement the functionality required in the NDcPP along with the additional functionality defined in this EP in response to the threat environment discussed subsequently herein.
This U.S. Government Approved Protection Profile is not assigned to any Validated Products
Archived Related Technical Decision
Please forward any Protection Profile specific comments to the applicable Technical Rapid Response Team (TRRT).
Please forward any general questions to our Q&A tool.