U.S. Government Approved Protection Profile - collaborative Protection Profile Module for Stateful Traffic Filter Firewalls v1.4 + Errata 20200625
Short Name: mod_cpp_fw_v1.4e
Technology Type: Firewall
CC Version: 3.1
Preceded By: mod_cpp_fw_v1.3
Conformance Claim: NoneProtection Profile
PP Configuration for NDcPP-FW_v1.4e
PP-Configuration for NDcPP-FW-VPNGW_V.1.1
This PP-Module defines requirements for the evaluation of Stateful Traffic Filter Firewalls in addition to the requirements of the Base-PP which specifies requirements on network devices in general. A Stateful Traffic Filter Firewall shall be regarded as a specific type of network device which provides the security functions of residual information protection and stateful traffic filtering, in addition to those that are expected of all generic network devices. Occurrences of the term 'Network Device' in the Base-PP shall be read as 'Stateful Traffic Filter Firewall' when used in conjunction with this PP-Module, as a TOE that conforms to this PP-Module will also conform to the Base-PP. Such products are generally boundary protection devices, such as dedicated firewalls, routers, or perhaps even switches designed to control the flow of information between attached networks. While in some cases, firewalls implementing security features serve to segregate two distinct networks – a trusted or protected enclave and an untrusted internal or external network such as the Internet – that is only one of many possible applications. It is common for firewalls to have multiple physical network connections enabling a wide range of possible configurations and network information flow policies.
This U.S. Government Approved Protection Profile is not assigned to any Validated Products
Active Related Technical Decisions
Please forward any Protection Profile specific comments to the applicable Technical Rapid Response Team (TRRT).
Please forward any general questions to our Q&A tool.