U.S. Government Approved Protection Profile - PP-Module for Virtual Private Network (VPN) Gateways Version 1.2
Short Name: mod_vpngw_v1.2
Technology Type: Virtual Private Network
CC Version: 3.1
Transition End Date: 2022.09.30
Preceded By: mod_vpngw_v1.1
Conformance Claim: NoneProtection Profile
PP Configuration for NDcPP-VPNGW_V1.2
PP Configuration for NDcPP-FW-VPNGW_V1.2
PP Configuration for NDcPP-IPS-FW-VPNGW_v1.1
PP Configuration for NDcPP-WLANAS-FW-VPNGW_v1.0
PP Configuration for NDcPP-VPNGW-WLANAS_V1.0
This PP-Module defines requirements for the evaluation of VPN Gateways in addition to the requirements of the Base-PP which specifies requirements on network devices in general. This PP-Module specifically addresses network gateway devices that terminate IPsec VPN tunnels. A compliant VPN gateway is a device composed of hardware and software that is connected to two or more distinct networks and has an infrastructure role in the overall enterprise network. In particular, a VPN gateway establishes a secure tunnel that provides an authenticated and encrypted path to another site(s) and thereby decreases the risk of exposure of information transiting an untrusted network. The baseline requirements of this PP-Module are those determined necessary for a multi-site VPN gateway device. A compliant TOE may also contain the ability to act as a headend for remote clients.
Assigned to the following Validated Products
Active Related Technical Decisions
Please forward any Protection Profile specific comments to the applicable Technical Rapid Response Team (TRRT).
Please forward any general questions to our Q&A tool.