NIAP: U.S. Government Approved Protection Profile - PP-Module for Wireless Intrusion Detection/Prevention Systems (WIDS/WIPS) Versi...

NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems
Questions?  We're here to help
  NIAP  »»  Protection Profiles  »»  Approved PPs  »»  Details  
U.S. Government Approved Protection Profile - PP-Module for Wireless Intrusion Detection/Prevention Systems (WIDS/WIPS) Version 1.0

Short Name: mod_wids_v1.0

Technology Type: Wireless Monitoring

CC Version: 3.1

Date: 2020.09.30

Preceded By: ep_wids_v1.0

Conformance Claim: None

Protection Profile [PDF]

Protection Profile

Supporting Docs [PDF]

Supporting Docs

PP Configuration for NDcPP-WIDS_v1.0 [PDF]

PP Configuration for NDcPP-WIDS-WLANAS_v1.0 [PDF]

Control Mapping [PDF]

PP Configuration Document for NDcPP-WIDS_v2.0  [PDF]

PP Configuration Document for NDcPP-WIDS-WLANAS_v2.0  [PDF]



This PP-Module specifically addresses Wireless Intrusion Detection/Prevention Systems (WIDS/WIPS). A conformant WIDS/WIPS is a product that can monitor, collect, inspect,  and analyze real-time network traffic and alert the administrator of policy violations.  WIPS functionality is not required to conform to this PP-Module, and it is optional for the TOE to have the additional ability to react in real-time to potentially malicious wireless (IEEE 802.11) network traffic. A WIDS/WIPS TOE consists of multiple sensors that passively scan the RF environment on the WLAN radio frequency spectrum and a centralized mechanism such as a Server or Controller that processes the data collected by the sensors. Conformant TOEs must use a secure communication path(s) between WIDS/WIPS components. The WIDS/WIPS could use an Embedded (be part of the WLAN infrastructure) or Overlay (independent from WLAN) architecture depending on vendor implementation.

This PP-Module is focused on inspecting layers 1 and 2 of the OSI network model as the traffic that the WIDS/WIPS monitors is wireless frames in the RF spectrum utilized by IEEE 802.11 a, b, g, n, and ac. Requirements for other technologies (e.g., cellular) and protocols are optional.


Assigned to the following Validated Products

Active Related Technical Decisions

Archived Related Technical Decisions

Please forward any Protection Profile specific comments to the applicable Technical Rapid Response Team (TRRT).

Please forward any general questions to our Q&A tool.

Site Map              Contact Us              Home