Archived U.S. Government Approved Protection Profile - Extended Package for Mobile Device Management Agents Version 3.0
Short Name: ep_mdm_agent_v3.0
Technology Type: Mobility
CC Version: 3.1
Transition End Date: 2017.05.21
Preceded By: pp_mdm_agent_v2.0
Succeeded By: mod_mdm_agent_v1.0
Sunset Date: 2019.10.25
Conformance Claim: NoneProtection Profile
The Mobile Device Management (MDM) system consists of two primary components: the MDM Server software and the MDM Agent.
The MDM operational environment consists of the mobile device on which the MDM Agent resides, the platform on which the MDM Server runs, and an untrusted wireless network over which they communicate.
The MDM Agent, which is the focus of this EP, is installed on a mobile device as an application (supplied by the developer of the MDM Server software) or is part of the mobile device’s OS. The MDM Agent establishes a secure connection back to the MDM Server, which is controlled by an enterprise administrator. Optionally, the MDM Agent interacts with the Mobile Application Store (MAS) Server to download and install enterprise-hosted applications.
If the MDM Agent is part of the mobile device’s OS, the MDM Agent may present multiple interfaces for configuring the mobile device, such as a local interface and a remote interface. Agents conforming to this Extended Package (EP) must at least offer an interface with a trusted channel that serves as one piece of an MDM system. Conformant MDM Agents may also offer other interfaces, and the configuration aspects of these additional interfaces are in scope of this EP.
Assigned to the following Validated Products
Archived Related Technical Decisions
Please forward any Protection Profile specific comments to the applicable Technical Rapid Response Team (TRRT).
Please forward any general questions to our Q&A tool.