NIAP: U.S. Government Approved Protection Profile - PP-Module for Virtual Private Network (VPN) Gateways Version 1.3

NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems
Questions?  We're here to help
  NIAP  »»  Protection Profiles  »»  Approved PPs  »»  Details  
U.S. Government Approved Protection Profile - PP-Module for Virtual Private Network (VPN) Gateways Version 1.3

Short Name: mod_vpngw_v1.3

Technology Type: Virtual Private Network

CC Version: 3.1

Date: 2023.08.16

Transition End Date: 2023.11.16

Preceded By: mod_vpngw_v1.2

Conformance Claim: None

Protection Profile

Protection Profile [PDF]

Supporting Docs [PDF]

Supporting Documents

PP Configuration Document for NDcPP-FW-MACsec-VPNGW_v1.1  [PDF]

PP Configuration Document for NDcPP-FW-VPNGW_v1.3  [PDF]

PP Configuration Document NDcPP-MACsec-VPNGW_v1.3  [PDF]

PP Configuration Document for NDcPP-VPNGW-WLANAS_V1.1  [PDF]

PP Configuration Document for NDcPP-WLANAS-FW-VPNGW_v1.1  [PDF]

PP Configuration Document for NDcPP-IPS-FW-VPNGW_V1.2  [PDF]

PP Configuration for NDcPP-VPNGW_V1.3  [PDF]

PP Configuration Document for NDcPP-FW-MACsec-VPNGW_v2.0  [PDF]

PP Configuration Document for NDcPP-FW-VPNGW_v2.0  [PDF]

PP Configuration Document for NDcPP-IPS-FW-VPNGW_v2.0  [PDF]

PP Configuration Document for NDcPP-MACsec-VPNGW_v2.0  [PDF]

PP Configuration Document for NDcPP-VPNGW_v2.0  [PDF]

PP Configuration Document for NDcPP-VPNGW-WLANAS_v2.0  [PDF]

PP Configuration Document for NDcPP-WLANAS-FW-VPNGW_v2.0  [PDF]



This PP-Module defines requirements for the evaluation of VPN Gateways in addition to the requirements of the Base-PP which specifies requirements on network devices in general. This PP-Module specifically addresses network gateway devices that terminate IPsec VPN tunnels. A compliant VPN gateway is a device composed of hardware and software that is connected to two or more distinct networks and has an infrastructure role in the overall enterprise network. In particular, a VPN gateway establishes a secure tunnel that provides an authenticated and encrypted path to another site(s) and thereby decreases the risk of exposure of information transiting an untrusted network. The baseline requirements of this PP-Module are those determined necessary for a multi-site VPN gateway device. A compliant TOE may also contain the ability to act as a headend for remote clients.

Assigned to the following Validated Products

Active Related Technical Decisions

Archived Related Technical Decision

Please forward any Protection Profile specific comments to the applicable Technical Rapid Response Team (TRRT).

Please forward any general questions to our Q&A tool.

Site Map              Contact Us              Home