This page was not yet optimized for use on mobile devices.
Extended Package for VPN Gateway, Version 2.1
Web information ?
Status: archivedCertification date: 2017-03-08
Archived date: 2019-12-31
Scheme: 🇺🇸
Category: Data Protection
Security level: EAL1
Certification report ?
Extracted keywords
Protocols
IKE, IPsec, VPNVendor
CiscoClaims
O.ADDRESS_FILTERING, O.ASSIGNED_PRIVATE_ADDRESS, O.AUTHENTICATION, O.CLIENT_ESTABLISHMENT_CONSTRAINTS, O.CRYPTOGRAPHIC_FUNCTIONS, O.FAIL_SECURE, O.PORT_FILTERING, O.REMOTE_SESSION_TERMINATION, O.SYSTEM_MONITORING, O.TOE_ADMINISTRATION, T.DATA_INTEGRITY, T.HIJACKED_SESSION, T.NETWORK_ACCESS, T.NETWORK_MISUSE, T.NETWORK_DISCLOSURE, T.REPLAY_ATTACK, T.UNAUTHORIZED_CONNECTION, T.UNPROTECTED_TRAFFIC, A.CONNECTIONSSecurity Assurance Requirements (SAR)
ADV_FSP.1, AGD_OPE, AGD_PRE, ALC_CMC, ALC_CMS, ATE_IND, AVA_VAN.1, AVA_VAN, APE_REQ, APE_CCL.1, APE_ECD.1, APE_INT.1, APE_OBJ.1, APE_REQ.1, ASE_CCL, ASE_ECD, ASE_INT, ASE_OBJ, ASE_REQ, ASE_SPD, ASE_TSSSecurity Functional Requirements (SFR)
FCS_COP.1, FCS_CKM, FIA_AFL.1, FIA_PSK_EXT, FMT_MTD, FPT_FLS, FPT_TST_EXT, FTA_VCM_EXT.1, FTA_TSE.1, FTA_SSL.3, FTA_SSL, FTA_TSE, FTA_VCM_EXT, FTP_ITC_EXTEvaluation facilities
Gossamer SecurityFile metadata
| Creation date | D:20171031092412-04'00' |
|---|---|
| Modification date | D:20171031092412-04'00' |
| Pages | 14 |
Profile ?
Extracted keywords
Symmetric Algorithms
AES, HMACAsymmetric Algorithms
ECDSA, DHHash functions
SHA-256, SHA-512Schemes
Key ExchangeProtocols
SSH, TLS, IKE, IPsec, VPNRandomness
RBGElliptic Curves
P-256, P-384, P-521Block cipher modes
CBC, GCMClaims
O.ADDRESS_FILTERING, O.AUTHENTICATION, O.CRYPTOGRAPHIC_FUNCTIONS, O.FAIL_SECURE, T.UNAUTHORIZED_CONNECTION, T.HIJACKED_SESSION, T.UNPROTECTED_TRAFFIC, T.DATA_INTEGRITY, T.NETWORK_ACCESS, T.NETWORK_DISCLOSURE, T.NETWORK_MISUSE, T.REPLAY_ATTACK, A.CONNECTIONSSecurity Assurance Requirements (SAR)
AVA_VAN.1, ASE_CCLSecurity Functional Requirements (SFR)
FAU_GEN.1, FCS_CKM, FCS_COP.1, FCS_RBG_EXT.1, FCS_COP.1.1, FCS_CKM.1, FIA_PSK_EXT, FIA_PSK_EXT.1, FIA_AFL.1, FIA_UIA_EXT.1, FIA_AFL.1.1, FIA_AFL.1.2, FIA_PSK_EXT.1.1, FIA_PSK_EXT.1.2, FIA_PSK_EXT.1.3, FIA_PSK_EXT.1.4, FMT_MOF, FMT_MTD, FMT_SMF.1, FMT_MTD.1.1, FMT_SMF.1.1, FPT_FLS, FPT_TST_EXT.1, FPT_TST_EXT.2, FPT_TUD_EXT.1, FPT_TUD_EXT.1.3, FPT_TUD_EXT.2, FPT_FLS.1, FPT_TST_EXT.1.1, FPT_TST_EXT.2.1, FTA_SSL, FTA_SSL.3, FTA_TSE.1, FTA_VCM_EXT.1, FTA_TSE.1.1, FTP_ITC.1, FTP_ITC_EXT.1.1Standards
FIPS PUB 186-4, FIPS 186-4, RFC4301, RFC 4303, RFC 3602, RFC 4106, RFC 791, RFC 2460, RFC 793, RFC 768, RFC792, ISO/IEC 15408, X.509, CCMB-2012-09-001, CCMB-2012-09-002, CCMB-2012-09-003, CCMB-2012-09-004File metadata
| Creation date | D:20170329082949-04'00' |
|---|---|
| Modification date | D:20170329082949-04'00' |
| Pages | 48 |
References ?
- Cisco ASA and FXOS on Firepower 4100/9300 archived
- Fortinet FortiGate 6000 Series w/ FortiOS 5.6 active
- Fortinet FortiGate/FortiOS 6.0.9 active
- Klas Voyager 1.0 archived
Updates ?
-
04.02.2025 The protection profile was first processed.
New Protection Profile
A new Protection Profile with the name Extended Package for VPN Gateway, Version 2.1 was processed.
Raw data
{
"_id": "e448ce41abadfcb5",
"_type": "sec_certs.sample.protection_profile.ProtectionProfile",
"dgst": "e448ce41abadfcb5",
"heuristics": {
"_type": "sec_certs.sample.protection_profile.ProtectionProfile.Heuristics"
},
"pdf_data": {
"_type": "sec_certs.sample.protection_profile.ProtectionProfile.PdfData",
"pp_filename": "ep_vpn_gw_v2.1.pdf",
"pp_keywords": {
"asymmetric_crypto": {
"ECC": {
"ECDSA": {
"ECDSA": 2
}
},
"FF": {
"DH": {
"DH": 3
}
}
},
"cc_cert_id": {},
"cc_claims": {
"A": {
"A.CONNECTIONS": 1
},
"O": {
"O.ADDRESS_FILTERING": 1,
"O.AUTHENTICATION": 1,
"O.CRYPTOGRAPHIC_FUNCTIONS": 1,
"O.FAIL_SECURE": 1
},
"T": {
"T.DATA_INTEGRITY": 1,
"T.HIJACKED_SESSION": 1,
"T.NETWORK_ACCESS": 1,
"T.NETWORK_DISCLOSURE": 1,
"T.NETWORK_MISUSE": 1,
"T.REPLAY_ATTACK": 1,
"T.UNAUTHORIZED_CONNECTION": 1,
"T.UNPROTECTED_TRAFFIC": 1
}
},
"cc_protection_profile_id": {},
"cc_sar": {
"ASE": {
"ASE_CCL": 1
},
"AVA": {
"AVA_VAN.1": 1
}
},
"cc_security_level": {},
"cc_sfr": {
"FAU": {
"FAU_GEN.1": 3
},
"FCS": {
"FCS_CKM": 2,
"FCS_CKM.1": 1,
"FCS_COP.1": 7,
"FCS_COP.1.1": 1,
"FCS_RBG_EXT.1": 3
},
"FIA": {
"FIA_AFL.1": 2,
"FIA_AFL.1.1": 2,
"FIA_AFL.1.2": 2,
"FIA_PSK_EXT": 2,
"FIA_PSK_EXT.1": 1,
"FIA_PSK_EXT.1.1": 1,
"FIA_PSK_EXT.1.2": 2,
"FIA_PSK_EXT.1.3": 2,
"FIA_PSK_EXT.1.4": 1,
"FIA_UIA_EXT.1": 1
},
"FMT": {
"FMT_MOF": 2,
"FMT_MTD": 2,
"FMT_MTD.1.1": 1,
"FMT_SMF.1": 3,
"FMT_SMF.1.1": 1
},
"FPT": {
"FPT_FLS": 2,
"FPT_FLS.1": 1,
"FPT_TST_EXT.1": 1,
"FPT_TST_EXT.1.1": 1,
"FPT_TST_EXT.2": 2,
"FPT_TST_EXT.2.1": 2,
"FPT_TUD_EXT.1": 3,
"FPT_TUD_EXT.1.3": 1,
"FPT_TUD_EXT.2": 1
},
"FTA": {
"FTA_SSL": 2,
"FTA_SSL.3": 4,
"FTA_TSE.1": 4,
"FTA_TSE.1.1": 1,
"FTA_VCM_EXT.1": 4
},
"FTP": {
"FTP_ITC.1": 2,
"FTP_ITC_EXT.1.1": 1
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 3
},
"GCM": {
"GCM": 3
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKE": 8
},
"IPsec": {
"IPsec": 11
},
"SSH": {
"SSH": 4
},
"TLS": {
"TLS": {
"TLS": 4
}
},
"VPN": {
"VPN": 97
}
},
"crypto_scheme": {
"KEX": {
"Key Exchange": 1
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-256": 2,
"P-384": 2,
"P-521": 2
}
},
"eval_facility": {},
"hash_function": {
"SHA": {
"SHA2": {
"SHA-256": 1,
"SHA-512": 1
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"RNG": {
"RBG": 1
}
},
"side_channel_analysis": {},
"standard_id": {
"CC": {
"CCMB-2012-09-001": 1,
"CCMB-2012-09-002": 1,
"CCMB-2012-09-003": 1,
"CCMB-2012-09-004": 1
},
"FIPS": {
"FIPS 186-4": 1,
"FIPS PUB 186-4": 3
},
"ISO": {
"ISO/IEC 15408": 2
},
"RFC": {
"RFC 2460": 3,
"RFC 3602": 1,
"RFC 4106": 2,
"RFC 4303": 1,
"RFC 768": 3,
"RFC 791": 3,
"RFC 793": 3,
"RFC4301": 1,
"RFC792": 1
},
"X509": {
"X.509": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 2
}
},
"constructions": {
"MAC": {
"HMAC": 1
}
}
},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"pp_metadata": {
"/CreationDate": "D:20170329082949-04\u002700\u0027",
"/ModDate": "D:20170329082949-04\u002700\u0027",
"pdf_file_size_bytes": 833754,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 48
},
"report_filename": "ep_vpn_gw_v2.1-vr.pdf",
"report_keywords": {
"asymmetric_crypto": {},
"cc_cert_id": {},
"cc_claims": {
"A": {
"A.CONNECTIONS": 1
},
"O": {
"O.ADDRESS_FILTERING": 1,
"O.ASSIGNED_PRIVATE_ADDRESS": 1,
"O.AUTHENTICATION": 1,
"O.CLIENT_ESTABLISHMENT_CONSTRAINTS": 1,
"O.CRYPTOGRAPHIC_FUNCTIONS": 1,
"O.FAIL_SECURE": 1,
"O.PORT_FILTERING": 1,
"O.REMOTE_SESSION_TERMINATION": 1,
"O.SYSTEM_MONITORING": 1,
"O.TOE_ADMINISTRATION": 1
},
"T": {
"T.DATA_INTEGRITY": 1,
"T.HIJACKED_SESSION": 1,
"T.NETWORK_ACCESS": 1,
"T.NETWORK_DISCLOSURE": 1,
"T.NETWORK_MISUSE": 1,
"T.REPLAY_ATTACK": 1,
"T.UNAUTHORIZED_CONNECTION": 1,
"T.UNPROTECTED_TRAFFIC": 1
}
},
"cc_protection_profile_id": {},
"cc_sar": {
"ADV": {
"ADV_FSP.1": 1
},
"AGD": {
"AGD_OPE": 1,
"AGD_PRE": 1
},
"ALC": {
"ALC_CMC": 1,
"ALC_CMS": 1
},
"APE": {
"APE_CCL.1": 1,
"APE_ECD.1": 1,
"APE_INT.1": 1,
"APE_OBJ.1": 1,
"APE_REQ": 1,
"APE_REQ.1": 1
},
"ASE": {
"ASE_CCL": 1,
"ASE_ECD": 1,
"ASE_INT": 1,
"ASE_OBJ": 1,
"ASE_REQ": 1,
"ASE_SPD": 1,
"ASE_TSS": 1
},
"ATE": {
"ATE_IND": 1
},
"AVA": {
"AVA_VAN": 1,
"AVA_VAN.1": 1
}
},
"cc_security_level": {},
"cc_sfr": {
"FCS": {
"FCS_CKM": 1,
"FCS_COP.1": 1
},
"FIA": {
"FIA_AFL.1": 1,
"FIA_PSK_EXT": 1
},
"FMT": {
"FMT_MTD": 1
},
"FPT": {
"FPT_FLS": 1,
"FPT_TST_EXT": 1
},
"FTA": {
"FTA_SSL": 1,
"FTA_SSL.3": 1,
"FTA_TSE": 1,
"FTA_TSE.1": 1,
"FTA_VCM_EXT": 1,
"FTA_VCM_EXT.1": 1
},
"FTP": {
"FTP_ITC_EXT": 1
}
},
"certification_process": {},
"cipher_mode": {},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKE": 1
},
"IPsec": {
"IPsec": 2
},
"VPN": {
"VPN": 29
}
},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {
"Gossamer": {
"Gossamer Security": 6
}
},
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {},
"symmetric_crypto": {},
"technical_report_id": {},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {
"Cisco": {
"Cisco": 39
}
},
"vulnerability": {}
},
"report_metadata": {
"/CreationDate": "D:20171031092412-04\u002700\u0027",
"/ModDate": "D:20171031092412-04\u002700\u0027",
"pdf_file_size_bytes": 568199,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 14
}
},
"state": {
"_type": "sec_certs.sample.protection_profile.ProtectionProfile.InternalState",
"pp": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "37efe9a39f1bfcd3ad810ab2d51d92c26c55234d02af616356ec550bc5d31a9c",
"txt_hash": "ff3cd67c2bdded18965844c0b3aa21aa5b9c1edaf7743d805ac1693ae164995f"
},
"report": {
"_type": "sec_certs.sample.document_state.DocumentState",
"convert_garbage": false,
"convert_ok": true,
"download_ok": true,
"extract_ok": true,
"pdf_hash": "845553f04ebbbdf0e1b74624266577be23d59dc500c4f65c10fd05f12e54c961",
"txt_hash": "12359b7b11085f48bc0dcfd4a0bb2a05e5f8a1f540d505342c365e149cfa450c"
}
},
"web_data": {
"_type": "sec_certs.sample.protection_profile.ProtectionProfile.WebData",
"category": "Data Protection",
"is_collaborative": false,
"maintenances": [],
"name": "Extended Package for VPN Gateway, Version 2.1",
"not_valid_after": "2019-12-31",
"not_valid_before": "2017-03-08",
"pp_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/ep_vpn_gw_v2.1.pdf",
"report_link": "https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/ep_vpn_gw_v2.1-vr.pdf",
"scheme": "US",
"security_level": {
"_type": "Set",
"elements": [
"EAL1"
]
},
"status": "archived",
"version": "2.1"
}
}