U.S. Government Approved Protection Profile - PP-Module for VPN Client, Version 2.4
Short Name: mod_vpnc_v2.4
Technology Type: Virtual Private Network
CC Version: 3.1
Transition End Date: 2022.09.30
Preceded By: mod_vpnc_v2.3
Conformance Claim: NoneProtection Profile
PP Configuration for MDF-VPNC_V1.3
PP Configuration for GPOS-VPNC_V1.3
PP Configuration for MDM-VPNC_V1.3
PP Configuration for APP-VPNC_V1.2
PP Configuration for APP-VPNC_V1.3
PP Configuration for MDF-MDMA-VPNC-BT_V1.1
PP Configuration for MDF-BIO-VPNC-WLANC_v1.0
PP Configuration for MDF-BIO-BT-MDMA-VPNC-WLANC_V1.0
PP Configuration for MDF-VPNC-WLANC_V1.0
PP Configuration for MDF-BIO-MDMA-VPNC-WLANC_V1.0
PP Configuration for MDF-BT-VPNC-WLANC_V1.0
PP Configuration for MDF-BIO-BT-VPNC-WLANC_V1.0
PP Configuration for MDF-MDMA-VPNC-WLANC_V1.0
PP Configuration for MDF-BT-VPNC-WLANC_V1.1
The Target of Evaluation (TOE) defined by this PP-Module is the VPN client, a software application that runs on a physical or virtual host platform, used to establish a secure IPsec connection between that host platform and a remote system. The VPN client is intended to be located outside or inside of a private network, and establishes a secure tunnel to an IPsec peer. For the purposes of this PP-Module, IPsec peers are defined as:
· VPN gateways
· Other VPN clients
· An IPsec-capable network device (supporting IPsec for the purposes of management)
The tunnel provides confidentiality, integrity, and data authentication for information that travels across a less trusted (sometimes public) network. All VPN clients that comply with this document will support IPsec.
This PP-Module extends the GPOS PP when the VPN client is installed on an operating system discussed in that PP (e.g., Windows, Mac OS, Linux). This PP-Module extends the MDF PP when the VPN client is installed on a self-contained mobile device that is bundled with an operating system (e.g. Android, BlackBerry OS, iOS, Windows Mobile). This PP-Module extends the App PP when the VPN client is provided by a third party and is a standalone application that is not a bundled part of an operating system or mobile device. This PP-Module extends the MDM PP when the VPN Client is included with MDM Server software that is used for centralized deployment and administration of enterprise mobile device policies.
Assigned to the following Validated Products
Active Related Technical Decisions
Archived Related Technical Decision
Please forward any Protection Profile specific comments to the applicable Technical Rapid Response Team (TRRT).
Please forward any general questions to our Q&A tool.