This page was not yet optimized for use on mobile devices.
Network Device Protection Profile Extended Package VPN Gateway
Web information ?
Status: archivedCertification date: 2013-04-12
Archived date: 2016-02-27
Scheme: 🇺🇸
Category: Boundary Protection Devices and Systems
Security level: None
Certification report ?
Extracted keywords
Protocols
IPsec, VPNVendor
Cisco, Cisco Systems, Cisco Systems, IncClaims
O.ADDRESS_FILTERING, O.AUTHENTICATION, O.CRYPTOGRAPHIC_FUNCTIONS, O.FAIL_SECURE, O.PORT_FILTERING, O.CLIENT_ESTABLISHMENT_CONSTRAINTS, O.REMOTE_SESSION_TERMINATION, O.ASSIGNED_PRIVATE_ADDRESS, T.NETWORK_DISCLOSURE, T.NETWORK_ACCESS, T.NETWORK_MISUSE, T.TSF_FAILURE, T.REPLAY_ATTACK, T.DATA_INTEGRITY, T.UNAUTHORIZED_CONNECTION, T.HIJACKED_SESSION, T.UNPROTECTED_TRAFFIC, A.CONNECTIONS, OE.CONNECTIONSSecurity Assurance Requirements (SAR)
AVA_VAN.1, AVA_VAN, APE_CCL.1, APE_ECD.1, APE_INT.1, APE_OBJ.2, APE_REQ.1Security Functional Requirements (SFR)
FAU_GEN, FCS_CKM.1, FCS_COP.1, FCS_RBG_EXT, FIA_AFL, FIA_PSK_EXT, FMT_MOF, FMT_SMF, FPT_FLS, FPT_TUD_EXT, FTA_SSL, FTA_TSE, FTA_VCM_EXT, FTP_ITCEvaluation facilities
LeidosCertification process
out of scope, written by the Leidos CCTL. Similarly, for materials covered by the Fortress evaluation that were out of scope of the Aruba Networks evaluation, the ETR produced by Leidos was referenced. Additional review ofFile metadata
| Creation date | D:20150417144940-04'00' |
|---|---|
| Modification date | D:20150417162506-04'00' |
| Pages | 11 |
Profile ?
Extracted keywords
Symmetric Algorithms
AES, AES-, HMACAsymmetric Algorithms
ECDSA, Diffie-Hellman, DHHash functions
SHA-1, SHA-512Protocols
SSH, TLS, IKE, IKEv1, IKEv2, IPsec, VPNRandomness
RBGElliptic Curves
P-384, P-521, P-256Block cipher modes
CBC, GCMClaims
O.CRYPTOGRAPHIC_FUNCTIONS, O.AUTHENTICATION, O.ADDRESS_FILTERING, O.FAIL_SECURE, O.PORT_FILTERING, O.SYSTEM_MONITORING, O.TOE_ADMINISTRATION, O.RELATED_CONNECTION_FILTERING, O.CLIENT_ESTABLISHMENT_CONSTRAINTS, O.REMOTE_SESSION_TERMINATION, O.ASSIGNED_PRIVATE_ADDRESS, T.NETWORK_DISCLOSURE, T.NETWORK_MISUSE, T.DATA_INTEGRITY, T.REPLAY_ATTACK, T.TSF_FAILURE, T.UNAUTHORIZED_CONNECTION, T.HIJACKED_SESSION, A.CONNECTIONS, OE.CONNECTIONSSecurity Assurance Requirements (SAR)
AVA_VAN.1Security Functional Requirements (SFR)
FAU_GEN.1, FCS_CKM.1, FCS_COP.1, FCS_RBG_EXT.1, FCS_CKM.1.1, FCS_COP.1.1, FCS_RBG_EXT.1.1, FCS_CKM.1.2, FIA_AFL.1, FIA_PSK_EXT, FIA_PSK_EXT.1, FIA_AFL, FIA_AFL.1.1, FIA_AFL.1.2, FIA_PSK_EXT.1.1, FIA_PSK_EXT.1.2, FIA_PSK_EXT.1.3, FIA_PSK_EXT.1.4, FMT_MOF.1, FMT_SMF.1, FMT_SMF.1.1, FMT_MOF.1.1, FPT_FLS.1, FPT_TST_EXT.1.2, FPT_TST_EXT.1, FPT_TUD_EXT.1, FPT_TUD_EXT.1.3, FPT_FLS.1.1, FPT_TST_EXT.1.1, FTA_SSL.3, FTA_TSE.1, FTA_VCM_EXT.1, FTA_SSL.3.1, FTA_TSE.1.1, FTA_VCM_EXT.1.1, FTP_ITC.1, FTP_ITC.1.1Standards
FIPS PUB 197, FIPS PUB 186-3, FIPS 186-3, NIST SP 800-38D, NIST SP 800-38A, NIST SP 800-38B, NIST SP 800-38C, NIST SP 800-38E, NIST SP 800-57, RFC 4301, RFC 4303, RFC 4106, RFC 3602, RFC 4109, RFC 4304, RFC 4868, RFC 6379, RFC 5282, RFC 4945, RFC 791, RFC 2460, RFC 793, RFC 768, RFC792, RFC 5280, RFC 2986, RFC 2560, RFC 5759, RFC 5996, X.509File metadata
| Title | NDPP Extended Package VPN Gateway |
|---|---|
| Author | James Donndelinger |
| Creation date | D:20130415102300Z |
| Modification date | D:20150417162625-04'00' |
| Pages | 51 |
| Creator | Microsoft® Office Word 2007 |
| Producer | Microsoft® Office Word 2007 |
References ?
- ARUBA NETWORKS VIRTUAL MOBILITY CONTROLLER (HARDENED CHASSIS RUNNING VMWARE ESXI) WITH ARUBAOS 6.4.2.0 - 1.3 FIPS archived
- Aruba Networks Mobility Controller v6.4.3.4-FIPS archived
- Brocade MLXe and NetIron Family Devices with Multi-Service IronWare R05.9 archived
- CISCO ADAPTIVE SECURITY APPLIANCES (ASA) AND CISCO ADAPTIVE SECURITY APPLIANCES VIRTUAL (ASAV) Version: ASA 9.4(1.13), ASAv 9.4(1.240) ASDM 7.4Components: ASA 5500 Series (5506-X, 5506-H, 5506-W, 5508-X, 5516-X) and ASAv running on VM ESXi 5.1 and 5.5 on the Unified Computing System (UCS) EN120E, EN120S M2, E140S M1, E140S M2, E140D M1, E160D M2, E160D M1, E180D M2, E140DP M1, E160DP M1, C22 M3, C24 M3, C220 M3, C220 M4, C240 M3, C240 M4, C260 M2, C420 M3, C460 M2, and C460 M4 archived
- Check Point Software Technologies Ltd. Security Appliances R77.30 archived
- Cisco 5915 and 5940 Embedded Services Router archived
- Cisco Adaptive Security Appliances (ASA) Firewall and Virtual Private Network (VPN) Platform, version 9.4(1) archived
- Cisco Aggregation Services Router (ASR) 1000 Series, IOS XE 3.13 archived
- Cisco Embedded Services Router 5900 Series (ESR 5900), Integrated Services Router 800 Series (ISR-800), Integrated Services Router 800M Series (ISR-800M) & Industrial Router 800 Series (IR-800) archived
- Cisco Integrated Service Routers Generation 2 (ISR G2) archived
- Cisco Integrated Services Router (ISR) 800 Series archived
- Cisco Integrated Services Router 4400 Series (ISR-4400), IOS XE 3.13.0 archived
- Cisco Integrated Services Router Generation 2 (ISR G2), Integrated Services Router 800 Series (ISR-800) and Connected Grid Router 2010 archived
- Cisco Integrated Services Routers (ISR) 4000 Family v3.13.2 archived
- Cisco Integrated Services Routers Series (ISR-4400), IOS XE 3.10.2tS archived
- Cisco X-ES Xpedite5205 Embedded Services Router archived
- Fortress Mesh Point ES210, ES520, ES820, ES2440 archived
- IAS Router Series: IAS STEW, IAS KG-RU, IAS Router MICRO archived
- JUNIPER NETWORKS, INC JUNOS 15.1X49-D60 archived
- JUNOS 12.3 X48-D30 FOR SRX PLATFORMSComponents: SRX100, SRX110, SRX210, SRX220, SRX240, SRX550 and SRX650; SRX5400, SRX5400E SRX5600, SRX5600E, SRX5800 and SRX5800E with SPC-4-15-320 archived
- Juniper Networks, Inc. Junos 12.1 X46 D20 for SRX Series and LN Series Platforms archived
- Palo Alto Networks PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 Series, PA-7000 Series, VM Series, Next-Generation Firewall with PAN-OS 7.0.1-h4 archived
Updates ?
-
04.02.2025 The protection profile was first processed.
New Protection Profile
A new Protection Profile with the name Network Device Protection Profile Extended Package VPN Gateway was processed.
Raw data
{
"_id": "bb67fb1b4f10e7a5",
"_type": "sec_certs.sample.protection_profile.ProtectionProfile",
"dgst": "bb67fb1b4f10e7a5",
"heuristics": {
"_type": "sec_certs.sample.protection_profile.ProtectionProfile.Heuristics"
},
"pdf_data": {
"_type": "sec_certs.sample.protection_profile.ProtectionProfile.PdfData",
"pp_filename": "pp_nd_vpn_gw_ep_v1.1.pdf",
"pp_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECDSA": {
"ECDSA": 7
}
},
"FF": {
"DH": {
"DH": 9,
"Diffie-Hellman": 3
}
}
},
"cc_cert_id": {},
"cc_claims": {
"A": {
"A.CONNECTIONS": 2
},
"O": {
"O.ADDRESS_FILTERING": 5,
"O.ASSIGNED_PRIVATE_ADDRESS": 1,
"O.AUTHENTICATION": 2,
"O.CLIENT_ESTABLISHMENT_CONSTRAINTS": 1,
"O.CRYPTOGRAPHIC_FUNCTIONS": 4,
"O.FAIL_SECURE": 3,
"O.PORT_FILTERING": 5,
"O.RELATED_CONNECTION_FILTERING": 1,
"O.REMOTE_SESSION_TERMINATION": 1,
"O.SYSTEM_MONITORING": 3,
"O.TOE_ADMINISTRATION": 2
},
"OE": {
"OE.CONNECTIONS": 2
},
"T": {
"T.DATA_INTEGRITY": 3,
"T.HIJACKED_SESSION": 1,
"T.NETWORK_DISCLOSURE": 3,
"T.NETWORK_MISUSE": 3,
"T.REPLAY_ATTACK": 3,
"T.TSF_FAILURE": 2,
"T.UNAUTHORIZED_CONNECTION": 1
}
},
"cc_protection_profile_id": {},
"cc_sar": {
"AVA": {
"AVA_VAN.1": 2
}
},
"cc_security_level": {},
"cc_sfr": {
"FAU": {
"FAU_GEN.1": 6
},
"FCS": {
"FCS_CKM.1": 6,
"FCS_CKM.1.1": 2,
"FCS_CKM.1.2": 2,
"FCS_COP.1": 8,
"FCS_COP.1.1": 3,
"FCS_RBG_EXT.1": 5,
"FCS_RBG_EXT.1.1": 1
},
"FIA": {
"FIA_AFL": 1,
"FIA_AFL.1": 5,
"FIA_AFL.1.1": 1,
"FIA_AFL.1.2": 1,
"FIA_PSK_EXT": 2,
"FIA_PSK_EXT.1": 2,
"FIA_PSK_EXT.1.1": 1,
"FIA_PSK_EXT.1.2": 2,
"FIA_PSK_EXT.1.3": 2,
"FIA_PSK_EXT.1.4": 1
},
"FMT": {
"FMT_MOF.1": 2,
"FMT_MOF.1.1": 1,
"FMT_SMF.1": 4,
"FMT_SMF.1.1": 1
},
"FPT": {
"FPT_FLS.1": 7,
"FPT_FLS.1.1": 1,
"FPT_TST_EXT.1": 2,
"FPT_TST_EXT.1.1": 1,
"FPT_TST_EXT.1.2": 3,
"FPT_TUD_EXT.1": 1,
"FPT_TUD_EXT.1.3": 1
},
"FTA": {
"FTA_SSL.3": 3,
"FTA_SSL.3.1": 1,
"FTA_TSE.1": 3,
"FTA_TSE.1.1": 1,
"FTA_VCM_EXT.1": 3,
"FTA_VCM_EXT.1.1": 1
},
"FTP": {
"FTP_ITC.1": 2,
"FTP_ITC.1.1": 1
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 2
},
"GCM": {
"GCM": 2
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKE": 23,
"IKEv1": 17,
"IKEv2": 12
},
"IPsec": {
"IPsec": 29
},
"SSH": {
"SSH": 5
},
"TLS": {
"TLS": {
"TLS": 5
}
},
"VPN": {
"VPN": 70
}
},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-256": 4,
"P-384": 6,
"P-521": 6
}
},
"eval_facility": {},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 1
},
"SHA2": {
"SHA-512": 1
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"RNG": {
"RBG": 2
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 186-3": 3,
"FIPS PUB 186-3": 8,
"FIPS PUB 197": 1
},
"NIST": {
"NIST SP 800-38A": 1,
"NIST SP 800-38B": 1,
"NIST SP 800-38C": 1,
"NIST SP 800-38D": 1,
"NIST SP 800-38E": 1,
"NIST SP 800-57": 2
},
"RFC": {
"RFC 2460": 3,
"RFC 2560": 1,
"RFC 2986": 1,
"RFC 3602": 1,
"RFC 4106": 1,
"RFC 4109": 1,
"RFC 4301": 2,
"RFC 4303": 1,
"RFC 4304": 1,
"RFC 4868": 2,
"RFC 4945": 1,
"RFC 5280": 1,
"RFC 5282": 1,
"RFC 5759": 1,
"RFC 5996": 1,
"RFC 6379": 1,
"RFC 768": 3,
"RFC 791": 3,
"RFC 793": 3,
"RFC792": 1
},
"X509": {
"X.509": 6
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 5,
"AES-": 1
}
},
"constructions": {
"MAC": {
"HMAC": 3
}
}
},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"pp_metadata": {
"/Author": "James Donndelinger",
"/CreationDate": "D:20130415102300Z",
"/Creator": "Microsoft\u00ae Office Word 2007",
"/ModDate": "D:20150417162625-04\u002700\u0027",
"/Producer": "Microsoft\u00ae Office Word 2007",
"/Title": "NDPP Extended Package VPN Gateway",
"pdf_file_size_bytes": 1236384,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"http://www.niap-ccevs.org/pp/"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 51
},
"report_filename": "ep_vpn_gw_v1.1-vr.pdf",
"report_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {},
"cc_claims": {
"A": {
"A.CONNECTIONS": 1
},
"O": {
"O.ADDRESS_FILTERING": 1,
"O.ASSIGNED_PRIVATE_ADDRESS": 1,
"O.AUTHENTICATION": 1,
"O.CLIENT_ESTABLISHMENT_CONSTRAINTS": 1,
"O.CRYPTOGRAPHIC_FUNCTIONS": 1,
"O.FAIL_SECURE": 1,
"O.PORT_FILTERING": 1,
"O.REMOTE_SESSION_TERMINATION": 1
},
"OE": {
"OE.CONNECTIONS": 1
},
"T": {
"T.DATA_INTEGRITY": 1,
"T.HIJACKED_SESSION": 1,
"T.NETWORK_ACCESS": 1,
"T.NETWORK_DISCLOSURE": 1,
"T.NETWORK_MISUSE": 1,
"T.REPLAY_ATTACK": 1,
"T.TSF_FAILURE": 1,
"T.UNAUTHORIZED_CONNECTION": 1,
"T.UNPROTECTED_TRAFFIC": 1
}
},
"cc_protection_profile_id": {},
"cc_sar": {
"APE": {
"APE_CCL.1": 1,
"APE_ECD.1": 1,
"APE_INT.1": 1,
"APE_OBJ.2": 1,
"APE_REQ.1": 1
},
"AVA": {
"AVA_VAN": 1,
"AVA_VAN.1": 1
}
},
"cc_security_level": {},
"cc_sfr": {
"FAU": {
"FAU_GEN": 1
},
"FCS": {
"FCS_CKM.1": 2,
"FCS_COP.1": 2,
"FCS_RBG_EXT": 1
},
"FIA": {
"FIA_AFL": 1,
"FIA_PSK_EXT": 1
},
"FMT": {
"FMT_MOF": 1,
"FMT_SMF": 1
},
"FPT": {
"FPT_FLS": 1,
"FPT_TUD_EXT": 1
},
"FTA": {
"FTA_SSL": 1,
"FTA_TSE": 1,
"FTA_VCM_EXT": 1
},
"FTP": {
"FTP_ITC": 1
}
},
"certification_process": {
"OutOfScope": {
" written by the Leidos CCTL. Similarly, for materials covered by the Fortress evaluation that were out of scope of the Aruba Networks evaluation, the ETR produced by Leidos was referenced. Additional review of": 1,
"out of scope": 1
}
},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IPsec": {
"IPsec": 1
},
"VPN": {
"VPN": 23
}
},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"Leidos": {
"Leidos": 7
}
},
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {},
"symmetric_crypto": {},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"Cisco": {
"Cisco": 10,
"Cisco Systems": 1,
"Cisco Systems, Inc": 1
}
},
"vulnerability": {}
},
"report_metadata": {
"/CreationDate": "D:20150417144940-04\u002700\u0027",
"/ModDate": "D:20150417162506-04\u002700\u0027",
"pdf_file_size_bytes": 408267,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 11
}
},
"state": {
"_type": "sec_certs.sample.protection_profile.ProtectionProfile.InternalState",
"pp": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "80d5b35bd6a05d7f234f97f81aeb04666ca4c0e08859872e862f2a99754f2434",
"txt_hash": "7fb14e39c6819f63124406b4834fe4f4997fdf77ed1f7752d082a9fe69b6fa96"
},
"report": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "eae2e9847d6894984889a36d668f5b5765ecda6d13a811c0c2fbe1ff05ad07bf",
"txt_hash": "477b04c6ddfc4b2ee324edb14be91aeae00993534b17c24f4d0d713fb1e60cc3"
}
},
"web_data": {
"_type": "sec_certs.sample.protection_profile.ProtectionProfile.WebData",
"category": "Boundary Protection Devices and Systems",
"is_collaborative": false,
"maintenances": [],
"name": "Network Device Protection Profile Extended Package VPN Gateway",
"not_valid_after": "2016-02-27",
"not_valid_before": "2013-04-12",
"pp_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/pp_nd_vpn_gw_ep_v1.1.pdf",
"report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/ep_vpn_gw_v1.1-vr.pdf",
"scheme": "US",
"security_level": {
"_type": "Set",
"elements": [
"None"
]
},
"status": "archived",
"version": "HTTP/1.1"
}
}