Category Archive

Below you'll find a list of all posts that have been categorized as “Common Criteria”

Understanding the Scope of NDcPP Evaluations

Greg McLearn April 2, 2019Common Criteria

When first exposed to the Network Device collaborative Protection Profile (NDcPP), vendors are often surprised by the extremely narrow scope. It is critical to realize that the Protection Profile (PP) refers to an abstract “network device” with required functionality that …

Challenges in Fuzzing RFC 1149

Greg McLearn April 1, 2019Common Criteria, Humour

Conan Hoye and Greg McLearn contributed to this article. At Lightship, we test a lot of NDcPP-compliant products. As part of those evaluations, we are required, as per Appendix A in the Supporting Document, to perform network fuzzing against the …

NDcPP v2.1 endorsed by NIAP but which TDs apply?

Lachlan Turner March 12, 2019Certifications, Common Criteria

[March 14, 2019 update] The NIAP list of TDs is now up to date with NDcPP v2.1 attribution. NIAP announced their endorsement today of version 2.1 of the Network Device collaborative Protection Profile. We’ve previously described the changes in NDcPP v2.1. …

NDcPP – Are You A Good Network Citizen?

Jason Lawlor March 9, 2019Certifications, Common Criteria

Vendors undertaking a Common Criteria project for the first time are often surprised by the scope and focus of the testing for a Network Devices collaborative Protection Profile (NDcPP) CC evaluation. Lightship’s Technical Director, Greg McLearn often refers to the …

What’s changed since NDcPP v1.0?

Lachlan Turner February 8, 2019Certifications, Common Criteria

[March 12, 2019 Update] NDcPPv2.1 has been formally endorsed by NIAP. There are 41 products listed on the NIAP PCL that are compliant with the collaborative Protection Profile for Network Devices (NDcPP) v1.0. These PCL listings will all expire within the next …

The Mother of All NIAP Protection Profiles – NDcPP

Lachlan Turner November 29, 2018Certifications, Common Criteria

We took a strategic decision early on at Lightship Security to focus our initial Greenlight development efforts on automating the tests specified by the Network Device collaborative Protection Profile (NDcPP). There are two main reasons for this: It is the …

Government of Canada Funding for Greenlight Conformance Test Automation

Jason Lawlor November 20, 2018Common Criteria, Lightship News

As part of our continued commitment to develop innovative certification automation solutions, Lightship Security is pleased to announce that it has received additional development funding from the National Research Council of Canada Industrial Research Assistance Program (NRC IRAP). The NRC …

Notable NDcPPv2.1 Changes (from v2.0e)

Lachlan Turner October 3, 2018Certifications, Common Criteria

[March 12, 2019 Update] NDcPPv2.1 has been formally endorsed by NIAP. NDcPPv2.1 is hot off the presses from the Network iTC. It is yet to be officially accepted by NIAP for PCL usage however this is probably not too far off, …

SSH Rekey Limits with OpenSSH

Greg McLearn August 13, 2018Common Criteria

Since this article was posted, the international Network Interpretations Team has issued RFI 201824 stating that the send and receive keys can be independently rekeyed. Therefore, the requirement that the ‘aggregate’ traffic be counted is no longer mandated according to …

6 Tips to Help Avoid Surprises In Your Next Common Criteria Evaluation

Jason Lawlor July 29, 2018Certifications, Common Criteria

Undertaking a Common Criteria (CC) evaluation should not be an opaque process from a timing, process or cost perspective. In this post, the testing experts at Lightship provide 6 practical tips to ensure that you are getting the best value …

Page 3 of 5
←
1
...
2
3
4
...
5
→