@@ -102,9 +102,9 @@ Once the present document is cited in the Official Journal of the European Union
The present document is part 1 of a multi-part deliverable covering Cyber Security (CYBER); Essential cybersecurity requirements for products with digital elements with the function of virtual private networks (VPN)
The present document is part 1 of a multi-part deliverable covering Cyber Security (CYBER); Essential cybersecurity requirements for products with digital elements with the function of virtual private networks (VPN)
Part 1: VPNs for secure remote access to private networks
Part 1: VPNs for private connection to public networks
Part 2: VPNs for private connection to public networks
Part 2: VPNs for secure remote access to private networks
## Transposition table
## Transposition table
@@ -426,13 +426,13 @@ This clause describes the two-way relationship where the VPN product both delega
The security of a VPN product is dependent on a chain of trust that spans across multiple components in its operational environment. Consequently, the VPN product delegates certain risks to other components while offering security functionalities that mitigate risks for those same components.
The security of a VPN product is dependent on a chain of trust that spans across multiple components in its operational environment. Consequently, the VPN product delegates certain risks to other components while offering security functionalities that mitigate risks for those same components.
### 4.5.3 Security Functionalities Offered to Integrated Components
### 4.5.2 Security Functionalities Offered to Integrated Components
The VPN product offers the following security functionalities to other components in its operational environment:
The VPN product offers the following security functionalities to other components in its operational environment:
-**Secure Data Transport** - The primary function of a VPN is to create a secure, encrypted tunnel over an untrusted network. This functionality protects all network traffic originating from the client device or network from eavesdropping and other network-based attacks.
-**Secure Data Transport** - The primary function of a VPN is to create a secure, encrypted tunnel over an untrusted network. This functionality protects all network traffic originating from the client device or network from eavesdropping and other network-based attacks.
### 4.5.2 Security functions required from the environment
### 4.5.3 Security functions required from the environment
The following risks are delegated by the VPN product to other components within its operational environment:
The following risks are delegated by the VPN product to other components within its operational environment:
@@ -475,7 +475,7 @@ See [i.3] for formal definitions of micro, small, and medium-sized enterprises.
* seeking secure connections primarily to SaaS products
* seeking secure connections primarily to SaaS products
* requires managed service for configuration and maintenance
* requires managed service for configuration and maintenance
