NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems

Short Name: mod_mdm_agent_v1.0

Technology Type: Mobility

CC Version: 3.1

Date: 2019.04.25

Preceded By: ep_mdm_agent_v3.0

Conformance Claim: None

Protection Profile 

Supporting Docs 

PP Configuration for MDM-MDM_AGENT_V1.0 

Control Mapping 

PP Configuration for MDF-MDM_AGENT-VPNC_V1.0  

PP Configuration for MDF-MDMA-VPNC-BT_V1.0  

PP Configuration for MDF-MDMA-VPNC-BT_V1.1  

PP Configuration for MDF-BIO-BT-MDMA-VPNC-WLANC_V1.0  

PP Configuration for MDF-BIO-MDMA-VPNC-WLANC_V1.0  

PP Configuration for MDF-MDMA-VPNC-WLANC_V1.0  

PP Configuration for MDF-BIO-BT-MDMA-WLANC_V1.0  

PP OVERVIEW

The MDM system consists of two primary components: the MDM Server software and the MDM Agent. This PP-Module specifically addresses the MDM Agent. The MDM Agent establishes a secure connection back to the MDM Server, from which it receives policies to enforce on the mobile device. Optionally, the MDM Agent interacts with the Mobile Application Store (MAS) Server to download and install enterprise-hosted applications.

A compliant MDM Agent is installed on a mobile device as an application (supplied by the developer of the MDM Server software) or is part of the mobile device's OS.This PP-Module builds on either the MDF PP or the MDM PP. A TOE that claims conformance to this PP-Module must also claim conformance to one of those PPs as its Base-PP. A compliant TOE is obligated to implement the functionality required in the Base-PP along with the additional functionality defined in this PP-Module in order to mitigate the threats that are defined by this PP-Module.

This PP-Module shall build on the MDF PP if the TOE is a native part of a mobile operating system. The TOE for this PP-Module combined with the MDF PP is the mobile device itself plus the MDM Agent. If the MDM Agent is part of the mobile device’s OS, the MDM Agent may present multiple interfaces for configuring the mobile device, such as a local interface and a remote interface. Agents conforming to this PP-Module must at least offer an interface with a trusted channel that serves as one piece of an MDM system. Conformant MDM Agents may also offer other interfaces, and the configuration aspects of these additional interfaces are in scope of this PP-Module.

This PP-Module shall build on the MDM Server PP if the TOE is a third-party application that is provided with an MDM Server and installed on a mobile device by the user after acquiring the mobile device. The distributed TOE for this PP-Module combined with the MDM Server PP is the entire MDM environment, which includes both the MDM Server and the MDM Agent. Even though the mobile device itself is not part of the TOE, it is expected to be evaluated against the MDF PP so that its baseline security capabilities can be assumed to be present.

Assigned to the following Validated Products

• VID11196 – MobileIron Platform 11
• VID11237 – Apple iOS 15
• VID11238 – Apple iPadOS 15
• VID11326 – VMware Workspace ONE Unified Endpoint Management Version 2209
• VID11349 – Apple iOS 16: iPhones
• VID11350 – Apple iPadOS 16: iPads
• VID11362 – Samsung SDS EMM and EMM Agent for Android v2.2.5
• VID11419 – Google Pixel Devices on Android 14

Active Related Technical Decisions

• 0755 – MDM-Agent Policy Authenticity
  • References:  FMT_POL_EXT.2, FCS_STG_EXT.4, FMT_SMF_EXT.4, MOD_MDM_AGENT_V1.0-SD
• 0673 – MDM-Agent PP-Module updated to allow for new PP and PP-Module Versions
  • References:  Section 1.1, Section 2
• 0660 – Mislabeled SFRs in MDM Agent Auditable Events Table
  • References:  FAU_GEN.1(2)
• 0650 – Conformance claim sections updated to allow for MOD_VPNC_V2.3 and 2.4
  • References:  Section 2
• 0600 – Conformance claim sections updated to allow for MOD_VPNC_V2.3
  • References:  Section 2
• 0497 – SFR Rationale, Consistency of SPD, and Implicitly Satisfied SFRs
  • References:  Section 5, Section 6, and Appendix H

Archived Related Technical Decision

• 0491 – Update to FMT_SMF_EXT.4 Test 2