NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems
U.S. Government Approved Protection Profile - Extended Package for Voice and Video over IP (VVoIP) Version 1.0
Transition End Date:
The Target of Evaluation that is defined by this Extended Package (EP) and either the Network Device collaborative Protection Profile (NDcPP) or the Software Application Protection Profile (App PP) is a dedicated device or software application that provides the exchange of voice and/or video communication across an Internet Protocol (IP) network. The endpoint is a client (TOE) that communicates with an Enterprise Session Controller (ESC) server. The VVoIP endpoint shall be able to secure file download from a file server to update VVoIP endpoint software and configuration, establish secure communication for call control with the ESC, and secure streaming media to other devices.
The combination of the NDcPP and this EP is a network device, either a dedicated appliance with a non-modifiable operating system, or a general-purpose server running an independent commercially-available operating system, that provides VVoIP endpoint functionality. Regardless of whether the TOE is a standalone appliance or a general-purpose device that is configured to function as a VVoIP endpoint, the TOE must be capable of satisfying all of the mandatory requirements of the NDcPP. The combination of the App PP and this EP is a software application running on a general purpose operating system that provides VVoIP endpoint capabilities in addition to all of the security functionality expected of a software application as mandated by the App PP.
Secure File Download is the exchange of packets between the client and the file server (may be the same server as the ESC). Call Control is the packets exchanged between the ESC and client (VVoIP endpoint) to establish, maintain, and tear down a telephony call. Streaming Media is the voice/video exchanged between the endpoints.
This EP describes the functional requirements and threats specific to the VVoIP endpoint. Any requirements to the VVoIP endpoint not specified in this EP need to follow the ND cPP or App PP. The most notable additions are requirements for the call control protocol (SIP, H.323/H225.0, H.245) and streaming media protocol (SRTP, RTP).
Assigned to the following Validated Products
Active Related Technical Decisions
Archived Related Technical Decisions