This page was not yet optimized for use on mobile devices.
Extended Package for VPN Gateway
Web information
Status: archivedCertification date: 2015-12-01
Archived date: 2017-03-08
Scheme: 🇺🇸
Category: Data Protection
Security level: EAL1
Certification report
Extracted keywords
Protocols
IKE, VPNVendor
Cisco, Cisco SystemsClaims
O.CRYPTOGRAPHIC_FUNCTIONS, O.AUTHENTICATION, O.ADDRESS_FILTERING, O.FAIL_SECURE, O.PORT_FILTERING, T.NETWORK_DISCLOSURE, T.NETWORK_MISUSE, T.DATA_INTEGRITY, T.REPLAY_ATTACK, A.CONNECTIONS, OE.CONNECTIONSSecurity Assurance Requirements (SAR)
AVA_VAN, APE_CCL.1, APE_ECD.1, APE_INT.1, APE_OBJ.1, APE_REQ.1Security Functional Requirements (SFR)
FIA_AFL, FIA_PSK_EXT, FPT_FLS, FTA_SSL, FTA_TSE, FTA_VCM_EXT, FTP_ITCEvaluation facilities
Gossamer SecurityStandards
X.509File metadata
| Author | McGeady, Megan [USA] |
|---|---|
| Creation date | D:20170815135343-04'00' |
| Modification date | D:20170815135409-04'00' |
| Pages | 11 |
| Creator | Acrobat PDFMaker 11 for Word |
| Producer | Adobe PDF Library 11.0 |
Profile
Extracted keywords
Symmetric Algorithms
AES, AES-, HMACAsymmetric Algorithms
ECDSA, DHHash functions
SHA-1, SHA-512Protocols
SSH, TLS, IKE, IPsec, VPNRandomness
RBGElliptic Curves
P-256, P-384, P-521Block cipher modes
CBC, GCMClaims
O.CRYPTOGRAPHIC_FUNCTIONS, O.AUTHENTICATION, O.ADDRESS_FILTERING, O.FAIL_SECURE, O.PORT_FILTERING, O.SYSTEM_MONITORING, O.TOE_ADMINISTRATION, O.RELATED_CONNECTION_FILTERING, O.CLIENT_ESTABLISHMENT_CONSTRAINTS, O.REMOTE_SESSION_TERMINATION, O.ASSIGNED_PRIVATE_ADDRESS, T.NETWORK_DISCLOSURE, T.NETWORK_MISUSE, T.DATA_INTEGRITY, T.REPLAY_ATTACK, T.TSF_FAILURE, T.UNAUTHORIZED_CONNECTION, T.HIJACKED_SESSION, T.UNPROTECTED_TRAFFIC, A.CONNECTIONS, OE.CONNECTIONSSecurity Assurance Requirements (SAR)
AVA_VAN.1Security Functional Requirements (SFR)
FAU_GEN.1, FCS_COP.1, FCS_CKM, FCS_RBG_EXT.1, FCS_COP.1.1, FCS_CKM.1, FIA_AFL.1, FIA_PSK_EXT, FIA_AFL.1.1, FIA_AFL.1.2, FIA_PSK_EXT.1.1, FIA_PSK_EXT.1.2, FIA_PSK_EXT.1.3, FIA_PSK_EXT.1.4, FMT_MOF, FMT_MTD, FMT_SMF.1, FMT_MTD.1, FPT_TST_EXT.1, FPT_TUD_EXT.1, FPT_FLS, FPT_TST_EXT.1.2, FPT_TUD_EXT.1.3, FPT_TUD_EXT.2, FPT_FLS.1, FPT_TST_EXT.1.1, FTA_SSL.3, FTA_TSE.1, FTA_VCM_EXT.1, FTA_SSL.3.1, FTA_TSE.1.1, FTA_VCM_EXT.1.1, FTP_ITC.1, FTP_ITC.1.1Standards
FIPS PUB 186-4, FIPS 186-4, RFC 4303, RFC 3602, RFC 4106, RFC 791, RFC 2460, RFC 793, RFC 768, RFC792, X.509File metadata
| Creation date | D:20151201094334-05'00' |
|---|---|
| Modification date | D:20151201094334-05'00' |
| Pages | 38 |
References
Updates
-
22.04.2025 The protection profile data changed.
Protection Profile changed
The PDF extraction data was updated.
- The report_metadata property was set to
{'pdf_file_size_bytes': 170820, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 11, '/Author': 'McGeady, Megan [USA]', '/Comments': '', '/Company': 'Booz Allen Hamilton', '/CreationDate': "D:20170815135343-04'00'", '/Creator': 'Acrobat PDFMaker 11 for Word', '/Keywords': '', '/ModDate': "D:20170815135409-04'00'", '/Producer': 'Adobe PDF Library 11.0', '/SourceModified': 'D:20170815175332', '/Subject': '', '/Title': '', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}. - The pp_metadata property was set to
{'pdf_file_size_bytes': 894860, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 38, '/CreationDate': "D:20151201094334-05'00'", '/ModDate': "D:20151201094334-05'00'", 'pdf_hyperlinks': {'_type': 'Set', 'elements': ['http://www.niap-ccevs.org/pp/']}}. - The report_keywords property was set to
{'cc_cert_id': {}, 'cc_protection_profile_id': {}, 'cc_security_level': {}, 'cc_sar': {'AVA': {'AVA_VAN': 1}, 'APE': {'APE_CCL.1': 1, 'APE_ECD.1': 1, 'APE_INT.1': 1, 'APE_OBJ.1': 1, 'APE_REQ.1': 1}}, 'cc_sfr': {'FIA': {'FIA_AFL': 1, 'FIA_PSK_EXT': 1}, 'FPT': {'FPT_FLS': 1}, 'FTA': {'FTA_SSL': 1, 'FTA_TSE': 1, 'FTA_VCM_EXT': 1}, 'FTP': {'FTP_ITC': 1}}, 'cc_claims': {'O': {'O.CRYPTOGRAPHIC_FUNCTIONS': 1, 'O.AUTHENTICATION': 1, 'O.ADDRESS_FILTERING': 1, 'O.FAIL_SECURE': 1, 'O.PORT_FILTERING': 1}, 'T': {'T.NETWORK_DISCLOSURE': 1, 'T.NETWORK_MISUSE': 1, 'T.DATA_INTEGRITY': 1, 'T.REPLAY_ATTACK': 1}, 'A': {'A.CONNECTIONS': 1}, 'OE': {'OE.CONNECTIONS': 1}}, 'vendor': {'Cisco': {'Cisco': 21, 'Cisco Systems': 2}}, 'eval_facility': {'Gossamer': {'Gossamer Security': 5}}, 'symmetric_crypto': {}, 'asymmetric_crypto': {}, 'pq_crypto': {}, 'hash_function': {}, 'crypto_scheme': {}, 'crypto_protocol': {'IKE': {'IKE': 1}, 'VPN': {'VPN': 22}}, 'randomness': {}, 'cipher_mode': {}, 'ecc_curve': {}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'X509': {'X.509': 1}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}. - The pp_keywords property was set to
{'cc_cert_id': {}, 'cc_protection_profile_id': {}, 'cc_security_level': {}, 'cc_sar': {'AVA': {'AVA_VAN.1': 2}}, 'cc_sfr': {'FAU': {'FAU_GEN.1': 5}, 'FCS': {'FCS_COP.1': 5, 'FCS_CKM': 3, 'FCS_RBG_EXT.1': 3, 'FCS_COP.1.1': 1, 'FCS_CKM.1': 1}, 'FIA': {'FIA_AFL.1': 3, 'FIA_PSK_EXT': 2, 'FIA_AFL.1.1': 2, 'FIA_AFL.1.2': 2, 'FIA_PSK_EXT.1.1': 1, 'FIA_PSK_EXT.1.2': 2, 'FIA_PSK_EXT.1.3': 2, 'FIA_PSK_EXT.1.4': 1}, 'FMT': {'FMT_MOF': 3, 'FMT_MTD': 3, 'FMT_SMF.1': 5, 'FMT_MTD.1': 1}, 'FPT': {'FPT_TST_EXT.1': 4, 'FPT_TUD_EXT.1': 4, 'FPT_FLS': 3, 'FPT_TST_EXT.1.2': 3, 'FPT_TUD_EXT.1.3': 1, 'FPT_TUD_EXT.2': 1, 'FPT_FLS.1': 1, 'FPT_TST_EXT.1.1': 1}, 'FTA': {'FTA_SSL.3': 3, 'FTA_TSE.1': 4, 'FTA_VCM_EXT.1': 3, 'FTA_SSL.3.1': 1, 'FTA_TSE.1.1': 1, 'FTA_VCM_EXT.1.1': 1}, 'FTP': {'FTP_ITC.1': 5, 'FTP_ITC.1.1': 1}}, 'cc_claims': {'O': {'O.CRYPTOGRAPHIC_FUNCTIONS': 4, 'O.AUTHENTICATION': 2, 'O.ADDRESS_FILTERING': 5, 'O.FAIL_SECURE': 3, 'O.PORT_FILTERING': 5, 'O.SYSTEM_MONITORING': 2, 'O.TOE_ADMINISTRATION': 1, 'O.RELATED_CONNECTION_FILTERING': 1, 'O.CLIENT_ESTABLISHMENT_CONSTRAINTS': 1, 'O.REMOTE_SESSION_TERMINATION': 1, 'O.ASSIGNED_PRIVATE_ADDRESS': 1}, 'T': {'T.NETWORK_DISCLOSURE': 3, 'T.NETWORK_MISUSE': 3, 'T.DATA_INTEGRITY': 3, 'T.REPLAY_ATTACK': 3, 'T.TSF_FAILURE': 2, 'T.UNAUTHORIZED_CONNECTION': 1, 'T.HIJACKED_SESSION': 1, 'T.UNPROTECTED_TRAFFIC': 1}, 'A': {'A.CONNECTIONS': 2}, 'OE': {'OE.CONNECTIONS': 2}}, 'vendor': {}, 'eval_facility': {}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 3, 'AES-': 1}}, 'constructions': {'MAC': {'HMAC': 1}}}, 'asymmetric_crypto': {'ECC': {'ECDSA': {'ECDSA': 2}}, 'FF': {'DH': {'DH': 2}}}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA1': {'SHA-1': 1}, 'SHA2': {'SHA-512': 1}}}, 'crypto_scheme': {}, 'crypto_protocol': {'SSH': {'SSH': 4}, 'TLS': {'TLS': {'TLS': 4}}, 'IKE': {'IKE': 8}, 'IPsec': {'IPsec': 18}, 'VPN': {'VPN': 84}}, 'randomness': {'RNG': {'RBG': 1}}, 'cipher_mode': {'CBC': {'CBC': 3}, 'GCM': {'GCM': 3}}, 'ecc_curve': {'NIST': {'P-256': 2, 'P-384': 2, 'P-521': 2}}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {}, 'technical_report_id': {}, 'device_model': {}, 'tee_name': {}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'FIPS': {'FIPS PUB 186-4': 5, 'FIPS 186-4': 1}, 'RFC': {'RFC 4303': 1, 'RFC 3602': 1, 'RFC 4106': 2, 'RFC 791': 3, 'RFC 2460': 3, 'RFC 793': 3, 'RFC 768': 3, 'RFC792': 1}, 'X509': {'X.509': 3}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}.
The state of the protection profile object was updated.
- The pp property was updated, with the
{'convert_garbage': False, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': '714f5eadfe2c29551c33b23b7fdee06b4eaf2629570035b5e543edc7ff0c8ed1', 'txt_hash': '36381fb6962c81233b4053817b7efbc31af0f6d21a9c5afb5b34009ec011a785'}data. - The report property was updated, with the
{'convert_garbage': False, 'convert_ok': True, 'extract_ok': True, 'pdf_hash': 'e85bcf8ee5f702f8b956345829b014640a430f380b181bdc872cf99d420b4049', 'txt_hash': 'f58ba136acdd824868de3ff37c6ef20bc9baf4981314b6d1687d2f692a82f822'}data.
- The report_metadata property was set to
-
14.04.2025 The protection profile data changed.
Protection Profile changed
The PDF extraction data was updated.
- The report_metadata property was set to
None. - The pp_metadata property was set to
None. - The report_keywords property was set to
None. - The pp_keywords property was set to
None.
The state of the protection profile object was updated.
- The pp property was updated, with the
{'convert_garbage': True, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': '6adef86c67e4bbbcbc8872bedf10c93c33839884a5cb1ca1d36f080444041ca7', 'txt_hash': None}data. - The report property was updated, with the
{'convert_garbage': True, 'convert_ok': False, 'extract_ok': False, 'pdf_hash': '6adef86c67e4bbbcbc8872bedf10c93c33839884a5cb1ca1d36f080444041ca7', 'txt_hash': None}data.
- The report_metadata property was set to
-
04.02.2025 The protection profile was first processed.
New Protection Profile
A new Protection Profile with the name Extended Package for VPN Gateway was processed.
Raw data
{
"_id": "261ef7b66c7adf03",
"_type": "sec_certs.sample.protection_profile.ProtectionProfile",
"dgst": "261ef7b66c7adf03",
"heuristics": {
"_type": "sec_certs.sample.protection_profile.ProtectionProfile.Heuristics"
},
"pdf_data": {
"_type": "sec_certs.sample.protection_profile.ProtectionProfile.PdfData",
"pp_filename": "pp_ndcpp_vpn_gw_ep_v2.0.pdf",
"pp_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECDSA": {
"ECDSA": 2
}
},
"FF": {
"DH": {
"DH": 2
}
}
},
"cc_cert_id": {},
"cc_claims": {
"A": {
"A.CONNECTIONS": 2
},
"O": {
"O.ADDRESS_FILTERING": 5,
"O.ASSIGNED_PRIVATE_ADDRESS": 1,
"O.AUTHENTICATION": 2,
"O.CLIENT_ESTABLISHMENT_CONSTRAINTS": 1,
"O.CRYPTOGRAPHIC_FUNCTIONS": 4,
"O.FAIL_SECURE": 3,
"O.PORT_FILTERING": 5,
"O.RELATED_CONNECTION_FILTERING": 1,
"O.REMOTE_SESSION_TERMINATION": 1,
"O.SYSTEM_MONITORING": 2,
"O.TOE_ADMINISTRATION": 1
},
"OE": {
"OE.CONNECTIONS": 2
},
"T": {
"T.DATA_INTEGRITY": 3,
"T.HIJACKED_SESSION": 1,
"T.NETWORK_DISCLOSURE": 3,
"T.NETWORK_MISUSE": 3,
"T.REPLAY_ATTACK": 3,
"T.TSF_FAILURE": 2,
"T.UNAUTHORIZED_CONNECTION": 1,
"T.UNPROTECTED_TRAFFIC": 1
}
},
"cc_protection_profile_id": {},
"cc_sar": {
"AVA": {
"AVA_VAN.1": 2
}
},
"cc_security_level": {},
"cc_sfr": {
"FAU": {
"FAU_GEN.1": 5
},
"FCS": {
"FCS_CKM": 3,
"FCS_CKM.1": 1,
"FCS_COP.1": 5,
"FCS_COP.1.1": 1,
"FCS_RBG_EXT.1": 3
},
"FIA": {
"FIA_AFL.1": 3,
"FIA_AFL.1.1": 2,
"FIA_AFL.1.2": 2,
"FIA_PSK_EXT": 2,
"FIA_PSK_EXT.1.1": 1,
"FIA_PSK_EXT.1.2": 2,
"FIA_PSK_EXT.1.3": 2,
"FIA_PSK_EXT.1.4": 1
},
"FMT": {
"FMT_MOF": 3,
"FMT_MTD": 3,
"FMT_MTD.1": 1,
"FMT_SMF.1": 5
},
"FPT": {
"FPT_FLS": 3,
"FPT_FLS.1": 1,
"FPT_TST_EXT.1": 4,
"FPT_TST_EXT.1.1": 1,
"FPT_TST_EXT.1.2": 3,
"FPT_TUD_EXT.1": 4,
"FPT_TUD_EXT.1.3": 1,
"FPT_TUD_EXT.2": 1
},
"FTA": {
"FTA_SSL.3": 3,
"FTA_SSL.3.1": 1,
"FTA_TSE.1": 4,
"FTA_TSE.1.1": 1,
"FTA_VCM_EXT.1": 3,
"FTA_VCM_EXT.1.1": 1
},
"FTP": {
"FTP_ITC.1": 5,
"FTP_ITC.1.1": 1
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 3
},
"GCM": {
"GCM": 3
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKE": 8
},
"IPsec": {
"IPsec": 18
},
"SSH": {
"SSH": 4
},
"TLS": {
"TLS": {
"TLS": 4
}
},
"VPN": {
"VPN": 84
}
},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-256": 2,
"P-384": 2,
"P-521": 2
}
},
"eval_facility": {},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 1
},
"SHA2": {
"SHA-512": 1
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"RNG": {
"RBG": 1
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 186-4": 1,
"FIPS PUB 186-4": 5
},
"RFC": {
"RFC 2460": 3,
"RFC 3602": 1,
"RFC 4106": 2,
"RFC 4303": 1,
"RFC 768": 3,
"RFC 791": 3,
"RFC 793": 3,
"RFC792": 1
},
"X509": {
"X.509": 3
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 3,
"AES-": 1
}
},
"constructions": {
"MAC": {
"HMAC": 1
}
}
},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"pp_metadata": {
"/CreationDate": "D:20151201094334-05\u002700\u0027",
"/ModDate": "D:20151201094334-05\u002700\u0027",
"pdf_file_size_bytes": 894860,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"http://www.niap-ccevs.org/pp/"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 38
},
"report_filename": "ep_ndcpp_vpn_gw_ep_v2.0-vr.pdf",
"report_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {},
"cc_claims": {
"A": {
"A.CONNECTIONS": 1
},
"O": {
"O.ADDRESS_FILTERING": 1,
"O.AUTHENTICATION": 1,
"O.CRYPTOGRAPHIC_FUNCTIONS": 1,
"O.FAIL_SECURE": 1,
"O.PORT_FILTERING": 1
},
"OE": {
"OE.CONNECTIONS": 1
},
"T": {
"T.DATA_INTEGRITY": 1,
"T.NETWORK_DISCLOSURE": 1,
"T.NETWORK_MISUSE": 1,
"T.REPLAY_ATTACK": 1
}
},
"cc_protection_profile_id": {},
"cc_sar": {
"APE": {
"APE_CCL.1": 1,
"APE_ECD.1": 1,
"APE_INT.1": 1,
"APE_OBJ.1": 1,
"APE_REQ.1": 1
},
"AVA": {
"AVA_VAN": 1
}
},
"cc_security_level": {},
"cc_sfr": {
"FIA": {
"FIA_AFL": 1,
"FIA_PSK_EXT": 1
},
"FPT": {
"FPT_FLS": 1
},
"FTA": {
"FTA_SSL": 1,
"FTA_TSE": 1,
"FTA_VCM_EXT": 1
},
"FTP": {
"FTP_ITC": 1
}
},
"certification_process": {},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKE": 1
},
"VPN": {
"VPN": 22
}
},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"Gossamer": {
"Gossamer Security": 5
}
},
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {
"X509": {
"X.509": 1
}
},
"symmetric_crypto": {},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"Cisco": {
"Cisco": 21,
"Cisco Systems": 2
}
},
"vulnerability": {}
},
"report_metadata": {
"/Author": "McGeady, Megan [USA]",
"/Comments": "",
"/Company": "Booz Allen Hamilton",
"/CreationDate": "D:20170815135343-04\u002700\u0027",
"/Creator": "Acrobat PDFMaker 11 for Word",
"/Keywords": "",
"/ModDate": "D:20170815135409-04\u002700\u0027",
"/Producer": "Adobe PDF Library 11.0",
"/SourceModified": "D:20170815175332",
"/Subject": "",
"/Title": "",
"pdf_file_size_bytes": 170820,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 11
}
},
"state": {
"_type": "sec_certs.sample.protection_profile.ProtectionProfile.InternalState",
"pp": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "714f5eadfe2c29551c33b23b7fdee06b4eaf2629570035b5e543edc7ff0c8ed1",
"txt_hash": "36381fb6962c81233b4053817b7efbc31af0f6d21a9c5afb5b34009ec011a785"
},
"report": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "e85bcf8ee5f702f8b956345829b014640a430f380b181bdc872cf99d420b4049",
"txt_hash": "f58ba136acdd824868de3ff37c6ef20bc9baf4981314b6d1687d2f692a82f822"
}
},
"web_data": {
"_type": "sec_certs.sample.protection_profile.ProtectionProfile.WebData",
"category": "Data Protection",
"is_collaborative": false,
"maintenances": [],
"name": "Extended Package for VPN Gateway",
"not_valid_after": "2017-03-08",
"not_valid_before": "2015-12-01",
"pp_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp_ndcpp_vpn_gw_ep_v2.0.pdf",
"report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/ep_ndcpp_vpn_gw_ep_v2.0-vr.pdf",
"scheme": "US",
"security_level": {
"_type": "Set",
"elements": [
"EAL1"
]
},
"status": "archived",
"version": "2.0"
}
}