NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems
|
|
|
U.S. Government Approved Protection Profile - collaborative Protection Profile for Network Devices Version 2.2e
Short Name:
cpp_nd_v2.2e
Technology Type:
Network Device
CC Version:
3.1
Date:
2020.03.27
Preceded By:
cpp_nd_v2.1
Conformance Claim:
None
Protection Profile ![[PDF]](/assets/images/icon_pdf.gif)
Supporting Docs
Control Mapping
PP OVERVIEW
This is a Collaborative Protection Profile (cPP) whose Target of Evaluation (TOE) is a Network Device (ND). It provides a minimal set of security requirements expected by all Network Devices that target the mitigation of a set of defined threats. This baseline set of requirements will be built upon by future cPPs to provide an overall set of security solutions for networks up to carrier and enterprise scale. A Network Device in the context of this cPP is a device that is connected to a network and has an infrastructure role within that network. The TOE may be standalone or distributed, where a distributed TOE is one that requires multiple distinct components to operate as a logical whole in order to fulfil the requirements of this cPP.
When discussing a ND in this document, it refers to a Network Device or a component of a distributed Network Device unless it is expressly stated otherwise.Under this cPP, NDs may be physical or virtualized.
A physical Network Device (pND) consists of network device functionality implemented inside a physical chassis with physical network connections. The network device functionality may be implemented in either hardware or software or both. For pNDs, the TOE encompasses the entire device—including both the network device functionality and the physical chassis. There is no distinction between TOE and TOE Platform.
A virtual Network Device (vND) is a software implementation of network device functionality that runs inside a virtual machine (VM) on either general purpose or purpose-built hardware. The TOE consists of all software within the VM—in particular, the network device functionality and the operating system on which it runs.
Assigned to the following Validated Products
-
VID11101 – Cisco FTD 6.4 on Firepower 4100 and 9300 Series with FMC/FMCv
-
VID11103 – Ultra 3eTI WiFiProtect 3e-525/523 Series Wireless Access Points
-
VID11106 – Bivio 6310-NC
-
VID11125 – FireEye CM Series Appliances v9.0
-
VID11126 – FireEye EX Series Appliances v9.0
-
VID11128 – Fidelis Network and Fidelis Deception v9.3.3
-
VID11129 – Gigamon GigaVUE Version 5.9.00
-
VID11130 – FireEye NX Series Appliances v9.0
-
VID11131 – FireEye VX Series Appliances v9.0
-
VID11132 – Cisco FTD (NGFW) 6.4 on Firepower 4100 and 9300 Series with FMC/FMCv
-
VID11137 – One Identity Safeguard for Privileged Passwords v6.7
-
VID11138 – Cisco FTD 6.4 on Firepower 1000 and 2100 Series with FMC/FMCv
-
VID11139 – Cisco FTD (NGFW) 6.4 on Firepower 1000 and 2100 Series with FMC/FMCv
-
VID11141 – Cisco FTD 6.4 on ASA 5500 and ISA 3000 and FTDv with FMC/FMCv
-
VID11142 – Cisco FTD (NGFW) 6.4 on ASA 5500 and ISA 3000 and FTDv with FMC/FMCv
-
VID11143 – FireEye HX Series Appliances v5.0.1
-
VID11144 – Cisco Firepower NGIPS/NGIPSv 6.4 with FMC/FMCv 6.4
-
VID11154 – Ruckus SmartZone WLAN Controllers & Access Points, R5.2.1.3
-
VID11162 – Cisco Embedded Services Router (ESR) 6300
-
VID11176 – Sierra Nevada Corporation Binary Armor SCADA Network Guard, with firmware version 2.1
-
VID11177 – Cisco Catalyst Industrial Ethernet 3x00 Rugged Series (IE3200, IE3300, IE3400, IE3400H) Switches running IOS-XE 17.3
-
VID11188 – Klas Fastnet Series Switches KlasOS 5.3
-
VID11195 – Aruba, a Hewlett Packard Enterprise Company, 6200, 6300, 6400, 8320, 8325, 8360 and 8400 Switch Series
-
VID11198 – Extreme Networks, Inc. SLX Product Series operating with Version 20.2.1aa
-
Samsung 5G gNB AU, DU v19.A
Active Related Technical Decisions
|
