NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems
Questions?  We're here to help
  NIAP  »»  Protection Profiles  »»  Approved PPs  »»  Details  
U.S. Government Approved Protection Profile - PP-Module for Host Agent Version 1.0

Short Name: mod_ha_v1.0

Technology Type: Enterprise Security Management

CC Version: 3.1

Date: 2020.10.23

Preceded By: not applicable

Conformance Claim: None

Protection Profile

Protection Profile [PDF]

Supporting Docs

Supporting Docs [PDF]

Control Mapping [PDF]

PP-Configuration for APP-EDR-HA_v1.0.pdf  [PDF]



The boundary for the Host Agent includes all processes, all modules, and libraries bundled with the Host Agent. The Host Agent can run as a daemon or service on the platform but is not required to. The Host Agent is not expected to have a local or remote Graphical User Interface (GUI) for administration but having such an interface is not precluded by this PP-Module. It is expected that Host Agents will be managed by their associated ESM server or the underlying platform. The TOE boundary includes the communications channel with other Host Agents, an ESM server, or a cloud service. The platform operating system or execution environment upon which the Host Agent is executing is outside the scope of a Host Agent evaluation.

The requirements for the EDR are not covered in this PP-Module, however it is expected that an ESM system will evaluate against a PP-Configuration that includes both the EDR PP-Module and the Host Agent PP-Module. The EDR PP-Module covers the security functionality needed on the server or cloud service, and the paired Host Agent PP-Module covers the security functionality needed on the endpoint device (desktop, mobile device, etc.).  At this time only the EDR PP-Module is published and ready for use with this Host Agent PP-Module.  Future versions of this PP-Module will include requirements for other classes of ESM software.

This U.S. Government Approved Protection Profile is not assigned to any Validated Products

Active Related Technical Decisions

Please forward any Protection Profile specific comments to the applicable Technical Rapid Response Team (TRRT).

Please forward any general questions to our Q&A tool.

Site Map              Contact Us              Home