NIAP: Archived U.S. Government Approved Protection Profile - Protection Profile for IPsec Virtual Private Network (VPN) Clients Ver...

Short Name: pp_vpn_ipsec_client_v1.4

Technology Type: Virtual Private Network

CC Version: 3.1

Date: 23 October 2013

Preceded By: pp_vpn_ipsec_client_v1.3

Succeeded By: ep_vpn_cli_v2.0

Sunset Date: 26 December 2017

Conformance Claim: None



This Protection Profile (PP) supports procurements of commercial off-the-shelf (COTS) IPsec Virtual Private Network (VPN) Clients to provide secure tunnels to authenticated remote endpoints or gateways. This PP details the policies, assumptions, threats, security objectives, security functional requirements, and security assurance requirements for the VPN and its supporting environment.

The primary intent is to clearly communicate to developers the Security Functional Requirements needed to counter the threats that are being addressed by the VPN Client.  The description in the TOE Summary Specification (TSS) of the Security Target (ST) is expected to document the architecture of the product (Target of Evaluation) and the mechanisms used to ensure that critical security transactions are correctly implemented.


This document specifies Security Functional Requirements (SFRs) for a VPN Client.  A VPN provides a protected transmission of private data between VPN Clients and VPN Gateways.  The TOE defined by this PP is the VPN Client, a component executing on a remote access client, using a platform API that enables the VPN client application to interact with other applications and the client device platform (part of the Operational Environment of the TOE).  The VPN Client is intended to be located outside or inside of a private network, and provides a secure tunnel to a VPN Gateway.  The tunnel provides confidentiality, integrity, and data authentication for information that travels across the public network.  All VPN clients that comply with this document will support IPsec.

A VPN Client allows remote users to use client computers to establish an encrypted IPsec tunnel across an unprotected public network to a private network (see Figure 1).  The TOE sits between the public network and entities (software, users, etc.) that reside on the VPN Client’s underlying platform.  IP packets crossing from the private network to the public network will be encrypted if their destination is a remote access VPN Client supporting the same VPN policy as the source network.  The VPN Client protects the data between itself and a VPN Gateway, providing confidentiality, integrity, and protection of data in transit, even though it traverses a public network.

Assigned to the following Validated Product

Related Technical Decisions

  • 0140 – FCS_IPSEC_EXT.1.12, Test 1 - Importing of Private Key and Certificate
  • 0138 – IPsec VPN Client Testing of SPD Rules
  • 0124 – Auditable Events in VPN IPSEC Client PP
  • 0107 – FCS_CKM - ANSI X9.31-1998, Section 4.1 for Cryptographic Key Generation
  • 0097 – VPN Gateway selection for FCS_IPSEC_EXT.1.14
  • 0079 – RBG Cryptographic Transitions per NIST SP 800-131A Revision 1
  • 0053 – Removal of FCS_IPSEC_EXT.1.12 Test 5 from VPN IPSEC Client v1.4
  • 0042 – Removal of Low-level Crypto Failure Audit from PPs
  • 0037 – IPsec Requirement_DN Verification
  • 0014 – Satisfying FCS_IPSEC_EXT.1.13 in VPN GW EP
