NIAP: Archived U.S. Government Approved Protection Profile - Protection Profile for Network Devices Version 1.1

Short Name: pp_nd_v1.1

Technology Type: Network Device

CC Version: 3.1

Date: 08 June 2012

Preceded By: pp_nd_v1.0

Succeeded By: cpp_nd_v1.0

Sunset Date: 27 August 2015

Conformance Claim: None



This Protection Profile (PP) describes security requirements for a Network Device (defined to be an infrastructure device that can be connected to a network). It is intended to provide a minimal, baseline set of requirements targeted at mitigating well-defined and described threats. It represents an evolution of "traditional" Protection Profiles and of the associated evaluation of the requirements contained within the document. This introduction describes the features of a compliant TOE (Target of Evaluation) and discusses the evolutionary aspects of the PP as a guide to readers of the document.

This is a Protection Profile (PP) for a network device. A network device in the context of this PP is a device composed of hardware and software that is connected to the network and has an infrastructure role in the overall enterprise. Examples of a "network device" that should claim compliance to this PP include routers, firewalls, IDSs, audit servers, and switches that have Layer 3 functionality. Examples of devices that connect to a network but are not suitable for evaluation against this PP include mobile devices ("smart phones"), end-user workstations, SQL servers, web servers, application servers, and database servers.

Compliant TOEs will provide security functionality that addresses threats to the TOE and implements policies that are imposed by law or regulation. Compliant TOEs must protect communications to and between elements of a distributed TOE (e.g., between a network IDS sensor and the centralized IDS manager) or between instantiations of the TOE in a single enterprise (e.g., between routers). The TOE must offer identification and authentication services that support the composition of moderately complex passwords or passphrases, and must make these services available locally (that is, a local logon) as well as remotely (a remote login). The TOE must also offer auditing of a set of events associated with security-relevant activity on the TOE, with the audit records exported to, and stored on, a device that is distinct from the TOE. The TOE must offer some protection against common network denial-of-service attacks and must also provide the ability to verify the source of updates to the TOE.

While the protocols required by this PP make use of certificates, this version of the PP does not levy requirements on the certificate infrastructure (for example, using OCSP to verify a certificate's validity). Such requirements will be included in future versions of this document.

It is intended that the set of requirements in this PP be limited in scope in order to promote quicker, less costly evaluations that still provide value to end users. Security Targets (STs) that include a large amount of additional functionality (and requirements) are discouraged. Future modules will be used to specify sets of additional functionality (e.g., Firewalls, VPNs), which can then be used by ST writers looking to specify that functionality.

Version 1.1 was updated with comments from community review and application of product evaluations.

Related Technical Decisions

  • 0035 – Alignment of FTP_ITC.1 to NDPP V1.1 Errata #3
  • 0032 – Update to FCS_SSH_EXT.1.2
  • 0031 – ANSI X9.31 Reference in FCS_CKM.1(2) in VPN GW EP
  • 0026 – Update to FPT_TUD_EXT.1
  • 0022 – Removal of Image Verification Test for WLAN AS PP
  • 0019 – Testing Data Channel Modification for FTP_ITC.1 and FTP_TRP.1
  • 0017 – NDPP Audit Shutdown
  • 0016 – Application of TD0005 and ERRATA2 to WLANASPP for FPT_ITT, FTP_ITC, and FTP_TRP
  • 0012 – FCS_SSH_EXT.1 Conflict Resolution
  • 0011 – Clarification on FCS_SSH_EXT.1.4
  • 0009 – WLAN AS and NDPP Errata 2
  • 0005 – FPT_ITT Test 3 Resolution
  • 0004 – FCS_TLS_EXT Man-in-the-Middle Tests
  • 0002 – FIA_PMG_EXT.1 Requirement in WLAN AS PP v1.0
  • 0001 – AES-GCM-128 in NDPP Errata #2
