PP-Configuration for Network Device and Virtual Private Network
(VPN) Gateways
Version: 1.2
2022-03-31
National Information Assurance Partnership
Page 2 of 4
Table of Contents
1 Introduction ..........................................................................................................................................3
1.1 Overview .......................................................................................................................................3
1.2 PP-Configuration Reference..........................................................................................................3
1.3 PP-Configuration Components Statement ....................................................................................3
2 Conformance Claims .............................................................................................................................4
2.1 CC Conformance............................................................................................................................4
2.2 SAR Statement...............................................................................................................................4
Page 3 of 4
1 Introduction
1.1 Overview
This PP-Configuration is for a network device that can act as a VPN gateway.
1.2 PP-Configuration Reference
This PP-Configuration is identified as follows:
• PP-Configuration for Network Device and Virtual Private Network (VPN) Gateways, Version 1.2,
31 March 2022
• As a shorthand reference, it can be identified as "CFG_NDcPP-VPNGW_V1.2"
1.3 PP-Configuration Components Statement
This PP-Configuration includes the following components:
• Base-PP: collaborative Protection Profile for Network Devices, Version 2.2e (CPP_ND_V2.2E)
• PP-Module: PP-Module for Virtual Private Network (VPN) Gateways, Version 1.2
(MOD_VPNGW_V1.2)
Page 4 of 4
2 Conformance Claims
2.1 CC Conformance
Conformance Statement
To be conformant to this PP-Configuration, an ST must demonstrate Exact Conformance, as defined by
the CC and CEM addenda for Exact Conformance, Selection-Based SFRs, and Optional SFRs (dated May
2017).
CC Conformance Claims
This PP-Configuration, and its components specified in section 1.3, are conformant to Parts 2 (extended)
and 3 (conformant) of Common Criteria Version 3.1, Release 5 [CC].
2.2 SAR Statement
In order to evaluate a TOE that claims conformance to this PP-Configuration, the evaluator shall evaluate
the TOE against the following SARs that the Base-PP defines:
Assurance Class Assurance Components
Security Target (ASE) Conformance Claims (ASE_CCL.1)
Extended Components Definition (ASE_ECD.1)
ST Introduction (ASE_INT.1)
Security Objectives for the Operational Environment (ASE_OBJ.1)
Stated Security Requirements (ASE_REQ.1)
Security Problem Definition (ASE_SPD.1)
TOE Summary Specification (ASE_TSS.1)
Development (ADV) Basic Functional Specification (ADV_FSP.1)
Guidance Documents (AGD) Operational User Guidance (AGD_OPE.1)
Preparative Procedures (AGD_PRE.1)
Life Cycle Support (ALC) Labeling of the TOE (ALC_CMC.1)
TOE CM Coverage (ALC_CMS.1)
Tests (ATE) Independent Testing – Conformance (ATE_IND.1)
Vulnerability Assessment (AVA) Vulnerability Survey (AVA_VAN.1)
The Supporting Document included with the PP-Module contains specific information with respect to the
evaluation of the SARs listed in the table above. Similarly, the Base-PP also has a separate Supporting
Document that contains the same sort of information on how to evaluate the SARs.