NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems

Short Name: ep_ips_v2.11

Technology Type: Wireless Monitoring

CC Version: 3.1

Date: 2017.06.15

Preceded By: pp_ndcpp_ips_ep_v2.1

Succeeded By: mod_ips_v1.0

Sunset Date: 2021.07.11

Conformance Claim: None

Protection Profile 

Control Mapping 

PP OVERVIEW

This Extended Package (EP) describes security requirements for a network-based Intrusion Prevention System (IPS) (defined to be an intrusion prevention product located within or at the edge of a private network that can collect, inspect, analyze, and react to network traffic in real-time) and is intended to provide a minimal baseline set of requirements that are targeted at mitigating well defined and described threats. This EP is not complete in itself, but rather extends either the collaborative Protection Profile for Network Devices (NDcPP) or collaborative Protection Profile for Stateful Traffic Filter Firewalls (FWcPP).

As an EP of either the NDcPP or FWcPP, it is expected that the content of both this EP and the base PP be appropriately combined in the context of each product-specific Security Target.

When this EP is used to build on the NDcPP, conformant TOEs are obligated to implement the functionality required in the NDcPP along with the additional functionality defined in this EP in response to the threat environment discussed subsequently herein. Likewise, when this EP is used to build on the FWcPP, conformant TOEs are expected to satisfy all requirements of that PP as well as those that are defined by this EP. The PP that is extended by this EP is referred to as the “base PP”.

This U.S. Government Approved Protection Profile is not assigned to any Validated Products

Archived Related Technical Decision

• 0325 – Inline mode for Signature-based IPS policies