NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems

Short Name: mod_ips_v1.0

Technology Type: Wireless Monitoring

CC Version: 3.1

Date: 2021.05.11

Preceded By: ep_ips_v2.11

Conformance Claim: None

Protection Profile 

Supporting Docs 

PP Configuration for NDcPP-IPS_V1.0 

Control Mapping 

PP-Configuration for NDcPP-IPS-FW_V1.0  

PP-Configuration for NDcPP-IPS-FW-VPNGW_V1.0  

PP Configuration for NDcPP-IPS-FW-VPNGW_v1.1  

PP Configuration Document for NDcPP-IPS-FW-VPNGW_V1.2  

PP OVERVIEW

The scope of this PP-Module is to describe the security functionality of an Intrusion Prevention System (IPS) in terms of [CC] and to define functional and assurance requirements for such products. This PP-Module is intended for use with the Collaborative Protection Profile for Network Devices (NDcPP),Version 2.2e

A TOE that conforms to a PP-Configuration containing this PP-Module may be a ‘Distributed TOE’ as  defined in the NDcPP. For example, the TOE could have distributed ‘sensor’ components monitoring  various logically separated networks, each of which reports to a centralized ‘manager’ component for  configuration of IPS policies and aggregation of IPS data.

Assigned to the following Validated Products

• VID11236 – Junos OS 20.3R3 for NFX350
• VID11290 – Cisco FTD (NGFW) 7.0 on Firepower 1000 and 2100 Series with FMC/FMCv
• VID11292 – Cisco FTD (NGFW) 7.0 on Firepower 4100 and 9300 Series with FMC/FMCv
• VID11300 – Cisco FTD (NGFW) 7.0 on ASA 5500 and ISA 3000 and FTDv with FMC/FMCv
• VID11339 – Cisco NGIPSv 7.0 with FMC/FMCv 7.0
• FortiGate/FortiOS Version 6.2.7

Active Related Technical Decisions

• 0722 – IPS_SBD_EXT.1.1 EA Correction
  • References:  IPS_SBD_EXT.1.1, MOD_IPS_v1.0-SD
• 0595 – Administrative corrections to IPS PP-Module
  • References:  FAU_GEN.1.1/IPS, Table 4