NIAP: U.S. Government Approved Protection Profile - Protection Profile for Virtualization Version 1.0
NIAP/CCEVS

NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems
Questions?  We're here to help
  NIAP  »»  Protection Profiles  »»  Approved PPs  »»  Details  
U.S. Government Approved Protection Profile - Protection Profile for Virtualization Version 1.0

Short Name: pp_base_virtualization_v1.0

Technology Type: Virtualization

CC Version: 3.1

Date: 22 November 2016

Preceded By: pp_sv_v1.1

Conformance Claim: None

 

PP OVERVIEW

The scope of this Protection Profile (PP) is to describe the security functionality of virtualization technologies in terms of [CC] and to define security functional and assurance requirements for such products. This PP is not complete in itself, but rather provides a set of requirements that are common to the Extended Packages (EP) for Server Virtualization and for Client Virtualization. These capabilities have been broken out into this generic ‘base’ PP due to the high degree of similarity between the two product types.

Due to the increasing prevalence of virtualization technology in enterprise computing environments, it is essential to ensure that this technology is implemented securely in order to mitigate the risk introduced by sharing multiple computers and their data across a single physical system.   

 

 

This U.S. Government Approved Protection Profile is not assigned to any Validated Products

Related Technical Decisions

  • 0213 – Corrections to App Note references to FCS_TLS, FCS_IPSEC, and FTP_ITC
  • 0206 – Testing for Non-Existence of Disconnected Virtual Devices
  • 0166 – Optional Authentication of TLS Client
  • 0139 – Clarification of testing for FDP_RIP_EXT.2

Please forward any Protection Profile specific comments to the applicable Technical Rapid Response Team (TRRT).

Please forward any general questions to our Q&A tool.

Site Map              Contact Us              Home