NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems
|
|
|
Archived U.S. Government Approved Protection Profile - Extended Package for VPN Gateways Version 2.1
Short Name:
ep_vpn_gw_v2.1
Technology Type:
Virtual Private Network
CC Version:
3.1
Date:
2017.03.08
Preceded By:
pp_ndcpp_vpn_gw_ep_v2.0
Succeeded By:
mod_vpngw_v1.0
Sunset Date:
2019.12.31
![[Sunset Icon]](/assets/images/pp-icon-sunset.gif "[Sunset Icon]")
Conformance Claim:
None
Protection Profile ![[PDF]](/assets/images/icon_pdf.gif)
Control Mapping
PP OVERVIEW
This Extended Package (EP) describes security requirements for a VPN Gateway. This is defined to be a device at the edge of a private network that terminates an IPsec tunnel, which provides device authentication, confidentiality, and integrity of information traversing a public or untrusted network. The EP is intended to provide a minimal, baseline set of requirements that are targeted at mitigating well defined and described threats to VPN Gateway technology. However, this EP is not complete in itself, but rather extends the collaborative Protection Profile for Network Devices (NDcPP) and the collaborative Protection Profile for Stateful Traffic Filter Firewalls (FWcPP).
Assigned to the following Validated Products
-
VID10839 – Palo Alto Networks PA-200 Series, PA-500, PA-800 Series, PA-3000 Series, PA-5000 Series, PA-5200 Series, PA-7000 Series, and VM Series Next-Generation Firewall with PAN-OS v8.0.6
-
VID10867 – Cisco Integrated Services Router (ISR) 1100 Series, IOS-XE 16.6
-
VID10881 – Cisco Adaptive Security Appliances and ASA Virtual Version 9.8
-
VID10882 – Cisco Next-Generation Firewalls (NGFW) running ASA version 9.8 and FX-OS version 2.2 on the 4k and 9k families
-
VID10883 – Cisco Next-Generation Firewalls (NGFW) running ASA version 9.8 and FX-OS version 2.2 on the 2k family
-
VID10887 – Junos OS 17.4R2 for vSRX
-
VID10889 – Cisco FTD (NGFW) 6.2 on Firepower 4100 and 9300 Series with FireSIGHT (FMC) and FMCv
-
VID10890 – Cisco FTD (NGFW) 6.2 on ASA 5500-X and FTDv with FireSIGHT (FMC) and FMCv
-
VID10891 – Cisco FTD (NGFW) 6.2 on Firepower 2100 Series with FireSIGHT (FMC) and FMCv
-
VID10897 – PacStar 351, 451, 455 or 551 with Cisco ASAv Version 9.6
-
VID10909 – Cisco Embedded Services Router (ESR) 5900 Series
-
VID10910 – Compact Rugged Router, Series 1000 (CRR-1000), v1.0
-
VID10914 – SonicWall SonicOS Enhanced V6.5.2 with VPN and IPS on TZ, SOHOW, NSA, and SM Appliances
-
VID10917 – Cisco ASA with FirePOWER Services, ASA 9.8 and ASDM 7.8 with FirePOWER Services 6.2
-
VID10951 – Cisco Aggregation Services Router 1000 Series (ASR1K) and Integrated Services Router 4000 Series (ISR4K) running IOS-XE 16.9
-
VID10952 – Cisco Cloud Services Router 1000V (CSR1000V), Aggregation Services Router 1000 Series (ASR1K), Integrated Services Router 1100 Series (ISR1100), and Integrated Services Router 4000 Series (ISR4K) running on IOS-XE 16.9
-
VID10971 – SilentEdge Enterprise Server and GoSilent Client
-
VID10975 – Aruba Mobility Controller Series with ArubaOS 8.2
-
VID10990 – Check Point Software Technologies Ltd. Security Gateway Appliances R80.30
-
VID10996 – Apriva MESA VPN
-
VID11010 – Junos OS 19.2R1 for NFX150
-
VID11012 – Junos OS 19.1R2 for MX series with MultiServices MPC
-
VID11017 – Rugged Crystal Firewall RCS5516FW 9.8
-
VID11033 – Cisco IR1101 Integrated Services Router
-
VID11035 – Junos OS 19.2R1-S3 for vSRX
-
VID11037 – Junos OS 19.1R2 for MX104 with Multiservices MIC MS-MIC-16G
-
VID11052 – Aruba Remote Access Point Series with Aruba Mobility Controllers, running AOS 8.2
-
Junos OS 19.2R1 for SRX300, SRX320, SRX340, SRX345, SRX345-DUAL-AC and SRX550M Series
-
Junos OS 19.2R1 for SRX1500, SRX4100, SRX4200 and SRX4600 Series
Active Related Technical Decisions
|
