NIAP: Archived U.S. Government Approved Protection Profile - Network Device Protection Profile (NDPP) Extended Package Stateful Tr...

Short Name: pp_nd_tffw_ep_v1.0

Technology Type: Firewall

CC Version: 3.1

Date: 19 December 2011

Succeeded By: cpp_fw_v1.0

Sunset Date: 27 August 2015 [Sunset Icon]

Conformance Claim: None



Stateful Traffic Filter Firewalls address a range of security threats related to infiltration into a protected network and exfiltration from a protected network. The term protected network is used here to represent an attached network for which rules are defined to control access. As such, a given Stateful Traffic Filter Firewall could potentially have a variety of attached protected and unprotected networks simultaneously depending on its specific configuration. Also, it should be clear that all attached networks are presumed to be protectable at the discretion of an authorized administrator.

Note that this EP does not repeat the threats identified in the NDPP, though they all apply given the conformance and hence dependence of this EP on the NDPP. Note also that while the NDPP contains only threats to the ability of the TOE to provide its security functions, this EP addresses only business threats to resources in the operational environment. Together the threats of the NDPP and those defined in this EP define the comprehensive set of security threats addressed by a Stateful Traffic Filter Firewall TOE.

This U.S. Government Approved Protection Profile is not assigned to any Validated Products

Related Technical Decision

  • 0013 – AVA_VAN.1 in VPN GW EP

Please forward any questions or comments to

Site Map              Contact Us              Home