Comparing certificates Experimental feature

You are comparing two certificates. By default, only differing attributes are shown. Use the button below to show/hide all attributes.

Showing only differing attributes.
Palo Alto Networks PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 Series, PA-7000 Series, VM Series, Next-Generation Firewall with PAN-OS 7.0.1-h4
CCEVS-VR-VID-10640-2015
Palo Alto Networks PA-220 Series, PA-400 Series, PA-800 Series, PA-3200 Series, PA-5200 Series, PA-5450, PA-7000 Series, and VM Series Next-Generation Firewall with PAN-OS 10.1
CCEVS-VR-VID-11284-2022
name Palo Alto Networks PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 Series, PA-7000 Series, VM Series, Next-Generation Firewall with PAN-OS 7.0.1-h4 Palo Alto Networks PA-220 Series, PA-400 Series, PA-800 Series, PA-3200 Series, PA-5200 Series, PA-5450, PA-7000 Series, and VM Series Next-Generation Firewall with PAN-OS 10.1
not_valid_after 25.11.2017 13.09.2024
not_valid_before 25.11.2015 31.08.2022
cert_link https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid10640-ci.pdf https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11284-ci.pdf
report_link https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid10640-vr.pdf https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11284-vr.pdf
st_link https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid10640-st.pdf https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11284-st.pdf
dgst a107b467b3da5862 150bf4f0cdc34e0e
heuristics/cert_id CCEVS-VR-VID-10640-2015 CCEVS-VR-VID-11284-2022
heuristics/extracted_sars ADV_FSP.1, AGD_PRE.1, ALC_CMS.1, ALC_CMC.1, AVA_VAN.1, ATE_IND.1, AGD_OPE.1 ADV_FSP.1, ALC_CMC.1, AVA_VAN.1, ALC_CMS.1, ATE_IND.1
heuristics/extracted_versions 7.0.1 10.1
heuristics/scheme_data
  • category: Firewall, Network Device, Virtual Private Network
  • certification_date: 2015-11-25T00:00:00Z
  • evaluation_facility: Leidos Common Criteria Testing Laboratory
  • expiration_date: 2017-11-25T00:00:00Z
  • id: CCEVS-VR-VID10640
  • product: Palo Alto Networks PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 Series, PA-7000 Series, VM Series, Next-Generation Firewall with PAN-OS 7.0.1-h4
  • scheme: US
  • url: https://www.niap-ccevs.org/product/10640
  • vendor: Palo Alto Networks, Inc.
  • category: Firewall, Network Device, Traffic Monitoring, Virtual Private Network
  • certification_date: 2022-08-31T00:00:00Z
  • evaluation_facility: Leidos Common Criteria Testing Laboratory
  • expiration_date: 2024-09-13T00:00:00Z
  • id: CCEVS-VR-VID11284
  • product: Palo Alto Networks PA-220 Series, PA-400 Series, PA-800 Series, PA-3200 Series, PA-5200 Series, PA-5450, PA-7000 Series, and VM Series Next-Generation Firewall with PAN-OS 10.1
  • scheme: US
  • url: https://www.niap-ccevs.org/product/11284
  • vendor: Palo Alto Networks, Inc.
maintenance_updates
protection_profiles



pdf_data/cert_filename st_vid10640-ci.pdf st_vid11284-ci.pdf
pdf_data/cert_keywords/cc_cert_id
  • US:
    • CCEVS-VR-VID10640-2015: 1
  • US:
    • CCEVS-VR-VID11284-2022: 1
pdf_data/cert_metadata
  • /CreationDate: D:20151130152233-05'00'
  • /ModDate: D:20151130152233-05'00'
  • /Producer: iText 2.1.0 (by lowagie.com)
  • pdf_file_size_bytes: 178373
  • pdf_hyperlinks: {}
  • pdf_is_encrypted: False
  • pdf_number_of_pages: 1
  • /CreationDate: D:20220906175610-04'00'
  • /ModDate: D:20220906175610-04'00'
  • /Producer: iText 2.1.0 (by lowagie.com)
  • pdf_file_size_bytes: 182730
  • pdf_hyperlinks: {}
  • pdf_is_encrypted: False
  • pdf_number_of_pages: 1
pdf_data/report_filename st_vid10640-vr.pdf st_vid11284-vr.pdf
pdf_data/report_frontpage
  • US:
    • cert_id: CCEVS-VR-VID10640-2015
    • cert_item: for Palo Alto Networks PA-200, PA-500, PA-2000 Series, PA- 3000 Series, PA-4000 Series, PA-5000 Series, PA-7000 Series, VM Series, Next-Generation Firewall with PAN-OS 7.0.1-h4
    • cert_lab: US NIAP
  • US:
    • cert_id: CCEVS-VR-VID11284-2022
    • cert_item: for Palo Alto Networks PA-220 Series, PA-400 Series, PA- 800 Series, PA-3200 Series, PA-5200 Series, PA-5450, PA-7000 Series, and VM Series Next-Generation Firewall with PAN-OS 10.1
    • cert_lab: US NIAP
pdf_data/report_keywords/cc_cert_id
  • US:
    • CCEVS-VR-VID10640-2015: 1
  • US:
    • CCEVS-VR-VID11284-2022: 1
pdf_data/report_keywords/cc_sar
  • ADV:
    • ADV_FSP.1: 1
  • AGD:
    • AGD_OPE.1: 1
    • AGD_PRE.1: 1
  • ALC:
    • ALC_CMC.1: 1
    • ALC_CMS.1: 1
  • ATE:
    • ATE_IND.1: 1
  • AVA:
    • AVA_VAN.1: 1
  • AVA:
    • AVA_VAN: 1
pdf_data/report_keywords/cc_sfr
  • FCS:
    • FCS_TLSC_EXT.2.3: 1
  • FIA:
    • FIA_AFL.1: 2
  • FTP:
    • FTP_ITC.1: 1
pdf_data/report_keywords/cc_claims
  • A:
    • A.CONNECTIONS: 2
    • A.NO_GENERAL_PURPOSE: 1
    • A.PHYSICAL: 1
    • A.TRUSTED_ADMIN: 1
pdf_data/report_keywords/vendor
  • Broadcom:
    • Broadcom: 9
  • Microsoft:
    • Microsoft: 1
  • Microsoft:
    • Microsoft: 4
pdf_data/report_keywords/eval_facility
  • Leidos:
    • Leidos: 8
  • Leidos:
    • Leidos: 7
pdf_data/report_keywords/symmetric_crypto
  • DES:
    • DES:
      • DES: 1
pdf_data/report_keywords/crypto_scheme
  • KEX:
    • Key Exchange: 1
  • KA:
    • Key Agreement: 1
  • KEX:
    • Key Exchange: 1
pdf_data/report_keywords/crypto_protocol
  • IKE:
    • IKE: 3
  • IPsec:
    • IPsec: 11
  • SSH:
    • SSH: 3
  • TLS:
    • SSL:
      • SSL: 6
    • TLS:
      • TLS: 8
  • VPN:
    • VPN: 29
  • IKE:
    • IKE: 3
  • IPsec:
    • IPsec: 46
  • SSH:
    • SSH: 13
  • TLS:
    • SSL:
      • SSL: 3
    • TLS:
      • TLS: 16
  • VPN:
    • VPN: 64
pdf_data/report_keywords/cipher_mode
  • GCM:
    • GCM: 1
pdf_data/report_keywords/standard_id
  • FIPS:
    • FIPS 140-2: 1
  • RFC:
    • RFC 5077: 1
pdf_data/report_metadata
  • /Author: Pierre, Marie Evencie
  • /Company: SAIC
  • /CreationDate: D:20151127115139-05'00'
  • /Creator: Acrobat PDFMaker 11 for Word
  • /ModDate: D:20151127115142-05'00'
  • /Producer: Adobe PDF Library 11.0
  • /SourceModified: D:20151127165127
  • /Title: National Information Assurance Partnership
  • pdf_file_size_bytes: 342926
  • pdf_hyperlinks: {}
  • pdf_is_encrypted: False
  • pdf_number_of_pages: 33
  • /CreationDate: D:20220906174944-04'00'
  • /Creator: Microsoft® Word for Microsoft 365
  • /ModDate: D:20220906174944-04'00'
  • /Producer: Microsoft® Word for Microsoft 365
  • pdf_file_size_bytes: 831523
  • pdf_hyperlinks: http://www.niap-ccevs.org/
  • pdf_is_encrypted: False
  • pdf_number_of_pages: 41
pdf_data/st_filename st_vid10640-st.pdf st_vid11284-st.pdf
pdf_data/st_keywords/cc_sar
  • ADV:
    • ADV_FSP.1: 1
  • AGD:
    • AGD_OPE: 1
    • AGD_PRE: 1
  • ALC:
    • ALC_CMC.1: 1
    • ALC_CMS.1: 1
  • ATE:
    • ATE_IND.1: 1
  • AVA:
    • AVA_VAN.1: 1
  • ADV:
    • ADV_FSP.1: 1
  • AGD:
    • AGD_OPE: 1
    • AGD_PRE: 1
  • ALC:
    • ALC_CMC.1: 1
    • ALC_CMS.1: 1
  • ASE:
    • ASE_CCL: 1
    • ASE_ECD: 1
    • ASE_INT: 1
    • ASE_OBJ: 1
    • ASE_REQ: 1
    • ASE_SPD: 1
    • ASE_TSS: 1
  • ATE:
    • ATE_IND.1: 1
  • AVA:
    • AVA_VAN: 1
    • AVA_VAN.1: 2
pdf_data/st_keywords/cc_sfr
  • FAU:
    • FAU_GEN: 6
    • FAU_GEN.1: 3
    • FAU_GEN.1.1: 1
    • FAU_GEN.1.2: 1
    • FAU_GEN.2: 3
    • FAU_GEN.2.1: 1
    • FAU_STG_EXT: 4
    • FAU_STG_EXT.1: 3
    • FAU_STG_EXT.1.1: 2
  • FCS:
    • FCS_CKM.1: 13
    • FCS_CKM.1.1: 2
    • FCS_CKM_EXT: 4
    • FCS_CKM_EXT.4: 3
    • FCS_CKM_EXT.4.1: 1
    • FCS_COP.1: 32
    • FCS_COP.1.1: 1
    • FCS_RBG_EXT: 4
    • FCS_RBG_EXT.1: 5
    • FCS_RBG_EXT.1.1: 1
    • FCS_RBG_EXT.1.2: 1
    • FCS_TLS_EXT: 4
    • FCS_TLS_EXT.1: 4
    • FCS_TLS_EXT.1.1: 1
  • FDP:
    • FDP_ACC.1: 3
    • FDP_RIP: 3
    • FDP_RIP.2: 3
    • FDP_RIP.2.1: 1
  • FIA:
    • FIA_AFL: 2
    • FIA_AFL.1: 3
    • FIA_AFL.1.1: 1
    • FIA_AFL.1.2: 1
    • FIA_PMG_EXT: 4
    • FIA_PMG_EXT.1: 3
    • FIA_PMG_EXT.1.1: 1
    • FIA_UAU: 3
    • FIA_UAU.7: 3
    • FIA_UAU.7.1: 1
    • FIA_UAU_EXT: 3
    • FIA_UAU_EXT.2: 4
    • FIA_UAU_EXT.2.1: 1
    • FIA_UIA_EXT: 4
    • FIA_UIA_EXT.1: 4
    • FIA_UIA_EXT.1.1: 1
    • FIA_UIA_EXT.1.2: 1
  • FMT:
    • FMT_MOF: 1
    • FMT_MOF.1: 4
    • FMT_MOF.1.1: 1
    • FMT_MTD: 3
    • FMT_MTD.1: 3
    • FMT_MTD.1.1: 1
    • FMT_SMF: 3
    • FMT_SMF.1: 4
    • FMT_SMF.1.1: 1
    • FMT_SMR: 3
    • FMT_SMR.2: 3
    • FMT_SMR.2.1: 1
    • FMT_SMR.2.2: 1
    • FMT_SMR.2.3: 1
  • FPT:
    • FPT_APW_EXT: 4
    • FPT_APW_EXT.1: 3
    • FPT_APW_EXT.1.1: 1
    • FPT_APW_EXT.1.2: 1
    • FPT_FLS.1: 5
    • FPT_FLS.1.1: 1
    • FPT_SKP_EXT: 4
    • FPT_SKP_EXT.1: 3
    • FPT_SKP_EXT.1.1: 1
    • FPT_STM: 3
    • FPT_STM.1: 3
    • FPT_STM.1.1: 1
    • FPT_TST_EXT: 4
    • FPT_TST_EXT.1: 3
    • FPT_TST_EXT.1.1: 1
    • FPT_TST_EXT.1.2: 1
    • FPT_TUD_EXT: 4
    • FPT_TUD_EXT.1: 3
    • FPT_TUD_EXT.1.1: 1
    • FPT_TUD_EXT.1.2: 1
    • FPT_TUD_EXT.1.3: 1
  • FTA:
    • FTA_SSL: 6
    • FTA_SSL.3: 3
    • FTA_SSL.3.1: 1
    • FTA_SSL.4: 3
    • FTA_SSL.4.1: 1
    • FTA_SSL_EXT: 4
    • FTA_SSL_EXT.1: 3
    • FTA_SSL_EXT.1.1: 1
    • FTA_TAB: 3
    • FTA_TAB.1: 4
    • FTA_TAB.1.1: 1
  • FTP:
    • FTP_ITC: 3
    • FTP_ITC.1: 3
    • FTP_ITC.1.1: 3
    • FTP_ITC.1.2: 1
    • FTP_ITC.1.3: 1
    • FTP_TRP: 3
    • FTP_TRP.1: 3
    • FTP_TRP.1.1: 3
    • FTP_TRP.1.2: 1
    • FTP_TRP.1.3: 1
  • FAU:
    • FAU_GEN: 5
    • FAU_GEN.1: 5
    • FAU_GEN.1.1: 1
    • FAU_GEN.1.2: 2
    • FAU_GEN.2: 3
    • FAU_GEN.2.1: 1
    • FAU_STG_EXT: 1
    • FAU_STG_EXT.1: 3
    • FAU_STG_EXT.1.1: 1
    • FAU_STG_EXT.1.2: 1
    • FAU_STG_EXT.1.3: 1
  • FCS:
    • FCS_CKM: 9
    • FCS_CKM.1: 4
    • FCS_CKM.1.1: 1
    • FCS_CKM.2: 7
    • FCS_CKM.2.1: 1
    • FCS_CKM.4: 3
    • FCS_CKM.4.1: 1
    • FCS_COP: 14
    • FCS_COP.1: 4
    • FCS_NTP_EXT.1: 1
    • FCS_NTP_EXT.1.4: 1
    • FCS_RBG_EXT: 1
    • FCS_RBG_EXT.1: 5
    • FCS_RBG_EXT.1.1: 1
    • FCS_RBG_EXT.1.2: 1
    • FCS_SSHS_EXT: 1
    • FCS_SSHS_EXT.1: 3
    • FCS_SSHS_EXT.1.1: 1
    • FCS_SSHS_EXT.1.2: 2
    • FCS_SSHS_EXT.1.3: 1
    • FCS_SSHS_EXT.1.4: 1
    • FCS_SSHS_EXT.1.5: 1
    • FCS_SSHS_EXT.1.6: 1
    • FCS_SSHS_EXT.1.7: 1
    • FCS_SSHS_EXT.1.8: 1
    • FCS_TLSC_EXT: 2
    • FCS_TLSC_EXT.1: 3
    • FCS_TLSC_EXT.1.1: 1
    • FCS_TLSC_EXT.1.2: 1
    • FCS_TLSC_EXT.1.3: 1
    • FCS_TLSC_EXT.1.4: 1
    • FCS_TLSC_EXT.2: 2
    • FCS_TLSC_EXT.2.1: 1
    • FCS_TLSC_EXT.2.3: 1
    • FCS_TLSS_EXT: 2
    • FCS_TLSS_EXT.1: 4
    • FCS_TLSS_EXT.1.1: 1
    • FCS_TLSS_EXT.1.2: 1
    • FCS_TLSS_EXT.1.3: 1
    • FCS_TLSS_EXT.1.4: 1
    • FCS_TLSS_EXT.2: 2
    • FCS_TLSS_EXT.2.1: 1
    • FCS_TLSS_EXT.2.2: 1
    • FCS_TLSS_EXT.2.3: 1
  • FDP:
    • FDP_RIP: 1
    • FDP_RIP.2: 4
  • FIA:
    • FIA_AFL: 1
    • FIA_AFL.1: 9
    • FIA_AFL.1.1: 1
    • FIA_AFL.1.2: 1
    • FIA_PMG_EXT: 1
    • FIA_PMG_EXT.1: 3
    • FIA_PMG_EXT.1.1: 1
    • FIA_UAU: 1
    • FIA_UAU.7: 3
    • FIA_UAU.7.1: 1
    • FIA_UAU_EXT: 1
    • FIA_UAU_EXT.2: 2
    • FIA_UAU_EXT.2.1: 1
    • FIA_UIA_EXT: 1
    • FIA_UIA_EXT.1: 5
    • FIA_UIA_EXT.1.1: 1
    • FIA_UIA_EXT.1.2: 1
  • FMT:
    • FMT_MOF: 8
    • FMT_MOF.1: 2
    • FMT_MTD: 8
    • FMT_MTD.1: 2
    • FMT_SMF: 8
    • FMT_SMF.1: 5
    • FMT_SMF.1.1: 2
    • FMT_SMR: 1
    • FMT_SMR.2: 3
    • FMT_SMR.2.1: 1
    • FMT_SMR.2.2: 1
    • FMT_SMR.2.3: 1
  • FPT:
    • FPT_APW_EXT: 1
    • FPT_APW_EXT.1: 3
    • FPT_APW_EXT.1.1: 1
    • FPT_APW_EXT.1.2: 1
    • FPT_FLS: 3
    • FPT_FLS.1: 1
    • FPT_SKP_EXT: 1
    • FPT_SKP_EXT.1: 3
    • FPT_SKP_EXT.1.1: 1
    • FPT_STM_EXT: 1
    • FPT_STM_EXT.1: 4
    • FPT_STM_EXT.1.1: 1
    • FPT_STM_EXT.1.2: 2
    • FPT_TST_EXT: 3
    • FPT_TST_EXT.1: 3
    • FPT_TST_EXT.1.1: 1
    • FPT_TST_EXT.3: 2
    • FPT_TST_EXT.3.1: 1
    • FPT_TST_EXT.3.2: 1
    • FPT_TUD_EXT: 1
    • FPT_TUD_EXT.1: 3
    • FPT_TUD_EXT.1.1: 1
    • FPT_TUD_EXT.1.2: 1
    • FPT_TUD_EXT.1.3: 1
  • FTA:
    • FTA_SSL: 2
    • FTA_SSL.3: 3
    • FTA_SSL.3.1: 1
    • FTA_SSL.4: 2
    • FTA_SSL.4.1: 1
    • FTA_SSL_EXT: 1
    • FTA_SSL_EXT.1: 3
    • FTA_SSL_EXT.1.1: 1
    • FTA_TAB: 1
    • FTA_TAB.1: 4
    • FTA_TAB.1.1: 1
  • FTP:
    • FTP_ITC: 4
    • FTP_ITC.1: 9
    • FTP_ITC.1.1: 1
    • FTP_ITC.1.2: 1
    • FTP_ITC.1.3: 1
    • FTP_TRP: 4
    • FTP_TRP.1: 3
pdf_data/st_keywords/cc_claims
  • OE:
    • OE.CONNECTIONS: 1
    • OE.NO_GENERAL_PURPOSE: 1
    • OE.PHYSICAL: 1
    • OE.TRUSTED_ADMIN: 1
  • A:
    • A.COMPONENTS_RUNNING: 1
    • A.PHYSICAL_PROTECTION: 1
  • OE:
    • OE.ADMIN_CREDENTIALS_SECURE: 1
    • OE.COMPONENTS_RUNNING: 1
    • OE.CONNECTIONS: 1
    • OE.NO_GENERAL_PURPOSE: 1
    • OE.NO_THRU_TRAFFIC_PROTECTION: 1
    • OE.PHYSICAL: 1
    • OE.RESIDUAL_INFORMATION: 1
    • OE.TRUSTED_ADMIN: 1
    • OE.UPDATES: 1
    • OE.VM_CONFIGURATION: 1
pdf_data/st_keywords/vendor
  • Broadcom:
    • Broadcom: 2
  • Microsoft:
    • Microsoft: 1
  • Broadcom:
    • Broadcom: 3
  • Microsoft:
    • Microsoft: 5
pdf_data/st_keywords/symmetric_crypto
  • AES_competition:
    • AES:
      • AES: 18
      • AES-: 1
      • AES-128: 1
      • AES-256: 9
  • constructions:
    • MAC:
      • HMAC: 7
      • HMAC-SHA-256: 3
      • HMAC-SHA-384: 2
      • HMAC-SHA-512: 2
  • AES_competition:
    • AES:
      • AES: 35
      • AES-: 2
      • AES-256: 5
  • DES:
    • 3DES:
      • 3DES: 1
  • constructions:
    • MAC:
      • HMAC: 13
      • HMAC-SHA-256: 7
      • HMAC-SHA-384: 4
      • HMAC-SHA-512: 6
pdf_data/st_keywords/asymmetric_crypto
  • ECC:
    • ECC:
      • ECC: 1
    • ECDSA:
      • ECDSA: 13
  • FF:
    • DH:
      • DH: 23
      • Diffie-Hellman: 1
    • DSA:
      • DSA: 2
  • RSA:
    • RSA 2048: 1
    • RSA-2048: 2
  • ECC:
    • ECC:
      • ECC: 7
    • ECDH:
      • ECDH: 2
      • ECDHE: 6
    • ECDSA:
      • ECDSA: 26
  • FF:
    • DH:
      • DH: 32
      • DHE: 3
      • Diffie-Hellman: 8
    • DSA:
      • DSA: 2
  • RSA:
    • RSA 2048: 1
    • RSA-2048: 1
pdf_data/st_keywords/hash_function
  • MD:
    • MD5:
      • MD5: 1
  • SHA:
    • SHA1:
      • SHA-1: 5
    • SHA2:
      • SHA-224: 3
      • SHA-256: 6
      • SHA-384: 6
      • SHA-512: 4
      • SHA256: 2
  • SHA:
    • SHA1:
      • SHA-1: 7
    • SHA2:
      • SHA-256: 8
      • SHA-384: 6
      • SHA-512: 4
      • SHA256: 4
pdf_data/st_keywords/crypto_scheme
  • KEX:
    • Key Exchange: 1
  • KA:
    • Key Agreement: 1
  • KEX:
    • Key Exchange: 1
  • MAC:
    • MAC: 3
pdf_data/st_keywords/crypto_protocol
  • IKE:
    • IKE: 22
    • IKEv1: 12
    • IKEv2: 11
  • IPsec:
    • IPsec: 92
  • SSH:
    • SSH: 12
  • TLS:
    • SSL:
      • SSL: 31
    • TLS:
      • TLS: 49
      • TLS 1.0: 2
      • TLS 1.1: 2
      • TLS 1.2: 3
      • TLS v1.0: 1
      • TLS v1.1: 1
      • TLS v1.2: 1
  • VPN:
    • VPN: 130
  • IKE:
    • IKE: 30
    • IKEv1: 15
    • IKEv2: 13
  • IPsec:
    • IPsec: 104
  • SSH:
    • SSH: 59
  • TLS:
    • DTLS:
      • DTLS: 1
    • SSL:
      • SSL: 6
      • SSL 2.0: 3
      • SSL 3.0: 3
    • TLS:
      • TLS: 90
      • TLS 1.0: 3
      • TLS 1.1: 3
      • TLS 1.2: 4
      • TLSv1.1: 2
      • TLSv1.2: 6
  • VPN:
    • VPN: 90
pdf_data/st_keywords/randomness
  • PRNG:
    • DRBG: 5
    • PRNG: 2
  • RNG:
    • RBG: 3
    • RNG: 12
  • PRNG:
    • DRBG: 15
  • RNG:
    • RBG: 2
pdf_data/st_keywords/cipher_mode
  • CBC:
    • CBC: 5
  • CCM:
    • CCM: 1
  • GCM:
    • GCM: 4
  • CBC:
    • CBC: 13
  • CCM:
    • CCM: 5
  • CTR:
    • CTR: 7
  • GCM:
    • GCM: 16
pdf_data/st_keywords/ecc_curve
  • NIST:
    • P-251: 2
    • P-256: 8
    • P-384: 10
  • NIST:
    • P-256: 24
    • P-384: 18
    • P-521: 10
    • secp256r1: 5
    • secp384r1: 4
    • secp521r1: 3
pdf_data/st_keywords/tls_cipher_suite
  • TLS:
    • TLS_DHE_RSA_WITH_AES_128_CBC_SHA: 1
    • TLS_DHE_RSA_WITH_AES_256_CBC_SHA: 2
    • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: 2
    • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: 1
    • TLS_RSA_WITH_AES_128_CBC_SHA: 2
    • TLS_RSA_WITH_AES_128_CBC_SHA256: 1
    • TLS_RSA_WITH_AES_256_CBC_SHA: 2
  • TLS:
    • TLS_DHE_RSA_WITH_AES_128_CBC_SHA: 4
    • TLS_DHE_RSA_WITH_AES_256_CBC_SHA: 4
    • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: 4
    • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: 2
    • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: 4
    • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: 4
    • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: 2
    • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: 4
    • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: 2
    • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: 4
    • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: 4
    • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: 2
    • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: 4
    • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: 4
pdf_data/st_keywords/standard_id
  • FIPS:
    • FIPS 140-2: 6
    • FIPS PUB 140-2: 1
    • FIPS PUB 186-2: 1
    • FIPS PUB 186-3: 10
    • FIPS PUB 186-4: 2
    • FIPS PUB 197: 2
  • NIST:
    • NIST SP 800-38A: 2
    • NIST SP 800-38D: 1
    • NIST SP 800-90: 1
    • SP 800-38D: 1
    • SP 800-56A: 1
    • SP 800-56B: 1
  • PKCS:
    • PKCS#12: 2
  • RFC:
    • RFC 2246: 2
    • RFC 2460: 3
    • RFC 2560: 1
    • RFC 2818: 2
    • RFC 2986: 2
    • RFC 3513: 2
    • RFC 3602: 2
    • RFC 4106: 2
    • RFC 4109: 2
    • RFC 4301: 3
    • RFC 4303: 1
    • RFC 4304: 1
    • RFC 4346: 2
    • RFC 4443: 2
    • RFC 4868: 1
    • RFC 4945: 1
    • RFC 5246: 2
    • RFC 5280: 2
    • RFC 5282: 1
    • RFC 5735: 2
    • RFC 5759: 1
    • RFC 6379: 1
    • RFC 768: 3
    • RFC 791: 3
    • RFC 792: 2
    • RFC 793: 4
    • RFC 959: 2
    • RFC2409: 1
  • X509:
    • X.509: 5
    • x.509: 1
  • FIPS:
    • FIPS 186-4: 4
    • FIPS PUB 186-4: 20
  • ISO:
    • ISO/IEC 14888-3: 2
    • ISO/IEC 18031:2011: 5
    • ISO/IEC 9796-2: 2
  • NIST:
    • NIST SP 800-56A: 2
    • SP 800-135: 2
    • SP 800-90A: 2
  • PKCS:
    • PKCS #1: 2
    • PKCS#12: 2
  • RFC:
    • RFC 2460: 2
    • RFC 2818: 3
    • RFC 2986: 2
    • RFC 3268: 8
    • RFC 3447: 2
    • RFC 3513: 2
    • RFC 3526: 11
    • RFC 35269: 1
    • RFC 3602: 3
    • RFC 3986: 2
    • RFC 4106: 1
    • RFC 4109: 1
    • RFC 4253: 1
    • RFC 4301: 2
    • RFC 4303: 2
    • RFC 4304: 1
    • RFC 4346: 3
    • RFC 4443: 1
    • RFC 4492: 12
    • RFC 4868: 1
    • RFC 4945: 1
    • RFC 5077: 3
    • RFC 5114: 2
    • RFC 5246: 8
    • RFC 5280: 4
    • RFC 5289: 28
    • RFC 5735: 2
    • RFC 5759: 1
    • RFC 5996: 3
    • RFC 6125: 4
    • RFC 6598: 2
    • RFC 6960: 1
    • RFC 768: 2
    • RFC 791: 2
    • RFC 7919: 1
    • RFC 792: 1
    • RFC 793: 3
    • RFC 959: 1
    • RFC2409: 1
    • RFC4945: 1
  • X509:
    • X.509: 13
pdf_data/st_keywords/certification_process
  • OutOfScope:
    • and URL Filtering security policies/profiles are not evaluated and therefore, these features are out of scope. API request over HTTP By default, the TOE supports API requests over HTTPS or HTTPS tunneled over: 1
    • Policies The TLS and SSH decryption policies are not evaluated and therefore, these features are out of scope. Anti-Virus, Anti-Spyware, Anti- Malware Security Policies The Anti-Virus, Anti-Spyware: 1
    • functional requirements: TLS, HTTPS, SSH, IKE/IPsec. The features below and Normal mode are out of scope. Table 2 Excluded Features Feature Description Telnet and HTTP Management Protocols Telnet and HTTP: 1
    • is secured with TLS using FIPS-approved algorithms. The threat prevention signatures themselves are out of scope (i.e., not evaluated). Page 12 of 84 Management The next-generation firewall provides both direct: 1
    • malformed, fragmented packets. The protection from viruses, worm, and spyware using signatures are out of scope (i.e., not evaluated). • DoS Protection – the firewall is designed to protect against flooding: 1
    • out of scope: 6
    • security policies (i.e., profiles) are not evaluated and therefore, there features are out of scope. File Blocking, DLP, and URL Filtering Security Policies The File Blocking, DLP (Data Loss: 1
pdf_data/st_metadata
state/cert/convert_garbage False True
state/cert/pdf_hash Different Different
state/cert/txt_hash Different Different
state/report/pdf_hash Different Different
state/report/txt_hash Different Different
state/st/pdf_hash Different Different
state/st/txt_hash Different Different