NIAP: U.S. Government Approved Protection Profile - Extended Package for Session Border Controller Version 1.1
NIAP/CCEVS

NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems
Questions?  We're here to help
  NIAP  »»  Protection Profiles  »»  Approved PPs  »»  Details  
U.S. Government Approved Protection Profile - Extended Package for Session Border Controller Version 1.1

Short Name: ep_sbc_v1.1

Technology Type: Network Device

CC Version: 3.1

Date: 28 September 2016

Transition End Date: 28 March 2017

Preceded By: cpp_nd_sbc_ep_v1.0

Conformance Claim: None

Protection Profile [PDF]


 

PP OVERVIEW

This Extended Package (EP) specifically addresses Session Border Controllers (SBCs) that provide firewalling, interoperability, and security functions for Voice/Video over IP (VVoIP) networks. The SBC also provides protected communication between trusted components of the network infrastructure.

The physical boundary of the SBC is defined by the operating system components storing or providing security functions and all software supplied by the vendor (including vendor modified components to the operating system). All of the security functionality is contained and executed within the physical boundary of the device.

While the functionality that the Target of Evaluation (TOE) is obligated to implement in response to the described threat environment is detailed in later sections, a brief description is provided here. A compliant TOE will provide security functionality that addresses threats to itself. It must also protect communications between itself and an IP PBX or another SBC by using a trusted channel. Some protocols required by this EP make use of certificates; therefore, the SBC must securely store certificates and private keys.

Since this EP builds on the Network Device collaborative Protection Profile (NDcPP), conformant TOEs are obligated to implement the functionality required in the NDcPP along with the additional functionality defined in this EP in response to the threat environment discussed later in this document.

This U.S. Government Approved Protection Profile is not assigned to any Validated Products

Related Technical Decisions

Please forward any Protection Profile specific comments to the applicable Technical Rapid Response Team (TRRT).

Please forward any general questions to our Q&A tool.

 
Site Map              Contact Us              Home