NIAP: U.S. Government Approved Protection Profile - PP-Module for Enterprise Session Controller (ESC) Version 1.0


Short Name: mod_esc_v1.0

Technology Type: SIP Server

CC Version: 3.1

Date: 2020.11.20

Preceded By: ep_esc_v1.0

Conformance Claim: None

Protection Profile [PDF]

Supporting Docs [PDF]

PP Configuration for ND-ESC_v1.0 [PDF]

Control Mapping [PDF]

PP Configuration Document for NDcPP-ESC_v2.0 [PDF]



An Enterprise Session Controller (ESC) is a logical component of a physical hardware appliance that is responsible for establishing connectivity between Voice/Video over IP (VVoIP) endpoints. The ESC is an advanced version of a legacy IP-PBX system. As a specific type of network device, an ESC Target of Evaluation (TOE) will be evaluated against both the Network Device collaborative Protection Profile (NDcPP) and this PP-Module. All functionality described by the SFRs is within the TOE boundary, as is the ability for the TOE Security Functionality (TSF) to establish secure remote connections with trusted entities in the Operational Environment.

The ESC’s purpose is to provide an interface between VVoIP networks in order to connect calls. The ESC depends on or communicates with a number of services that are located within the internal network such as voicemail, conferencing, NTP, DNS, and software updates that are downloaded from VVoIP endpoint manufacturers and stored on the ESC for distribution to the clients. Certain storage capabilities may be implemented exclusively within the TOE or within both the TOE and its operational environment (such as the TOE maintaining an internal audit log that is also written to an external audit server).
For connecting networks, the ESC relies on edge routing to handle lower-level communications between the networks and on a Session Border Controller (SBC) to filter out potentially malicious activity.

The ESC provides the following logical capabilities:
• Operations, Administration, and Management Application (OA&M) – responsible for providing a management interface to the ESC’s configuration.
• Call Processing – responsible for setting up and tearing down calls between VVoIP endpoints using one or more call control protocols.
• Call Detail Records – responsible for storage of call activity for auditing purposes.
• Voice/Video Media Conferencing, Controls, and Storage – responsible for establishing multi-way conference calls and storage of call recordings.

Different ESCs may implement these capabilities in different ways. This PP-Module defines a minimum baseline of capabilities that all conformant ESCs must provide.

Please forward any Protection Profile specific comments to the applicable Technical Rapid Response Team (TRRT).
