Comparing certificates Experimental feature

You are comparing two certificates. By default, only differing attributes are shown. Use the button below to show/hide all attributes.

Showing only differing attributes.
Cisco FTD (NGFW) 7.0 on Firepower 4100 and 9300 Series with FMC/FMCv
CCEVS-VR-VID-11292-2023 		Palo Alto Networks Panorama 10.1
CCEVS-VR-VID-11285-2022
name Cisco FTD (NGFW) 7.0 on Firepower 4100 and 9300 Series with FMC/FMCv Palo Alto Networks Panorama 10.1
category Other Devices and Systems Network and Network-Related Devices and Systems
status archived active
not_valid_after 13.02.2025 16.05.2025
not_valid_before 13.02.2023 04.08.2022
cert_link https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11292-ci.pdf https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11285-ci.pdf
report_link https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11292-vr.pdf https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11285-vr.pdf
st_link https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11292-st.pdf https://www.commoncriteriaportal.org/nfs/ccpfiles/files/epfiles/st_vid11285-st.pdf
manufacturer Cisco Systems, Inc. Palo Alto Networks, Inc.
manufacturer_web https://www.cisco.com https://www.paloaltonetworks.com/
dgst c019dbfd05176482 cc0f706a935c08bc
heuristics/cert_id CCEVS-VR-VID-11292-2023 CCEVS-VR-VID-11285-2022
heuristics/extracted_versions 7.0 10.1
heuristics/scheme_data
  • category: Firewall, Network Device, Virtual Private Network, Wireless Monitoring
  • certification_date: 13.02.2023
  • evaluation_facility: Gossamer Security Solutions
  • expiration_date: 13.02.2025
  • id: CCEVS-VR-VID11292
  • product: Cisco FTD (NGFW) 7.0 on Firepower 4100 and 9300 Series with FMC/FMCv
  • scheme: US
  • url: https://www.niap-ccevs.org/product/11292
  • vendor: Cisco Systems, Inc.
heuristics/protection_profiles 6448a1802bb874d8, bde3d7587cf42e78, 89f2a255423f4a20 89f2a255423f4a20
maintenance_updates
protection_profile_links https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/MOD_IPS_v1.0.pdf, https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/CPP_ND_V2.2E.pdf, https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/MOD_CPP_FW_v1.4e.pdf https://www.commoncriteriaportal.org/nfs/ccpfiles/files/ppfiles/CPP_ND_V2.2E.pdf
pdf_data/cert_filename st_vid11292-ci.pdf st_vid11285-ci.pdf
pdf_data/cert_keywords/cc_cert_id
  • US:
    • CCEVS-VR-VID11292-2023: 1
  • US:
    • CCEVS-VR-VID11285-2022: 1
pdf_data/cert_keywords/vendor
  • Cisco:
    • Cisco: 1
    • Cisco Systems, Inc: 1
pdf_data/cert_keywords/eval_facility
  • Gossamer:
    • Gossamer Security: 1
  • Leidos:
    • Leidos: 1
pdf_data/cert_keywords/crypto_protocol
  • VPN:
    • VPN: 1
pdf_data/cert_metadata
  • /CreationDate: D:20230214165013-05'00'
  • /ModDate: D:20230214165013-05'00'
  • /Producer: iText 2.1.0 (by lowagie.com)
  • pdf_file_size_bytes: 181490
  • pdf_hyperlinks: {}
  • pdf_is_encrypted: False
  • pdf_number_of_pages: 1
  • /CreationDate: D:20220805182522-04'00'
  • /ModDate: D:20220805182522-04'00'
  • /Producer: iText 2.1.0 (by lowagie.com)
  • pdf_file_size_bytes: 179276
  • pdf_hyperlinks: {}
  • pdf_is_encrypted: False
  • pdf_number_of_pages: 1
pdf_data/report_filename st_vid11292-vr.pdf st_vid11285-vr.pdf
pdf_data/report_frontpage
  • US:
    • cert_id: CCEVS-VR-VID11292-2023
    • cert_item: Cisco FTD (NGFW) 7.0 on Firepower 4100 and 9300 Series with FMC/FMCv
    • cert_lab: US NIAP
  • US:
    • cert_id: CCEVS-VR-VID11285-2022
    • cert_item: for Palo Alto Networks Panorama v10.1
    • cert_lab: US NIAP
pdf_data/report_keywords/cc_cert_id
  • US:
    • CCEVS-VR-VID11292-2023: 1
  • US:
    • CCEVS-VR-VID11285-2022: 1
pdf_data/report_keywords/cc_sar
  • ADV:
    • ADV_FSP.1: 1
  • AGD:
    • AGD_OPE.1: 1
    • AGD_PRE.1: 1
  • ALC:
    • ALC_CMC.1: 1
    • ALC_CMS.1: 1
  • ATE:
    • ATE_IND.1: 1
  • AVA:
    • AVA_VAN.1: 1
pdf_data/report_keywords/cc_sfr
  • FCS:
    • FCS_CKM.1: 2
    • FCS_CKM.2: 2
    • FCS_COP: 6
    • FCS_RBG_EXT.1: 2
pdf_data/report_keywords/vendor
  • Cisco:
    • Cisco: 45
    • Cisco Systems, Inc: 3
pdf_data/report_keywords/eval_facility
  • Gossamer:
    • Gossamer Security: 4
  • Leidos:
    • Leidos: 7
pdf_data/report_keywords/symmetric_crypto
  • AES_competition:
    • AES:
      • AES: 2
  • constructions:
    • MAC:
      • HMAC: 2
pdf_data/report_keywords/asymmetric_crypto
  • ECC:
    • ECDSA:
      • ECDSA: 2
  • FF:
    • DSA:
      • DSA: 2
pdf_data/report_keywords/crypto_protocol
  • IPsec:
    • IPsec: 14
  • SSH:
    • SSH: 4
    • SSHv2: 5
  • TLS:
    • TLS:
      • TLS: 12
      • TLSv1.2: 1
  • VPN:
    • VPN: 25
  • IPsec:
    • IPsec: 1
  • SSH:
    • SSH: 6
    • SSHv2: 1
  • TLS:
    • TLS:
      • TLS: 7
  • VPN:
    • VPN: 2
pdf_data/report_keywords/randomness
  • PRNG:
    • DRBG: 2
  • RNG:
    • RBG: 1
pdf_data/report_keywords/certification_process
  • OutOfScope:
    • beyond the scope of this Common Criteria evaluation. Clustering This feature is not tested and is out of scope. The services in the table above are disabled in the evaluated configuration. Cisco FTD (NGFW) 7.0: 1
    • out of scope: 1
  • OutOfScope:
    • e., stateful inspection filtering, IPsec VPN gateway, IPS/IDS threat prevention) are not evaluated (out of scope). Only the secure communication channels from Panorama to firewalls and Wildfires are claimed. The: 1
    • out of scope: 1
pdf_data/report_metadata
  • /Author: comptont
  • /CreationDate: D:20230214162414-05'00'
  • /Creator: Microsoft® Word for Microsoft 365
  • /ModDate: D:20230214162414-05'00'
  • /Producer: Microsoft® Word for Microsoft 365
  • pdf_file_size_bytes: 327303
  • pdf_hyperlinks: {}
  • pdf_is_encrypted: False
  • pdf_number_of_pages: 21
pdf_data/st_filename st_vid11292-st.pdf st_vid11285-st.pdf
pdf_data/st_keywords/cc_sar
  • ADV:
    • ADV_FSP.1: 2
  • AGD:
    • AGD_OPE.1: 3
    • AGD_PRE.1: 2
  • ALC:
    • ALC_CMC.1: 2
    • ALC_CMS.1: 2
  • ATE:
    • ATE_IND.1: 2
  • AVA:
    • AVA_VAN: 1
    • AVA_VAN.1: 5
  • ADV:
    • ADV_FSP.1: 1
  • AGD:
    • AGD_OPE: 1
    • AGD_PRE: 1
  • ALC:
    • ALC_CMC.1: 1
    • ALC_CMS.1: 1
  • ASE:
    • ASE_CCL: 1
    • ASE_ECD: 1
    • ASE_INT: 1
    • ASE_OBJ: 1
    • ASE_REQ: 1
    • ASE_SPD: 1
    • ASE_TSS: 1
  • ATE:
    • ATE_IND.1: 1
  • AVA:
    • AVA_VAN: 1
    • AVA_VAN.1: 2
pdf_data/st_keywords/cc_sfr
  • FAU:
    • FAU_GEN: 4
    • FAU_GEN.1: 10
    • FAU_GEN.1.1: 1
    • FAU_GEN.1.2: 1
    • FAU_GEN.2: 5
    • FAU_GEN.2.1: 1
    • FAU_GEN_EXT.1: 5
    • FAU_GEN_EXT.1.1: 1
    • FAU_SAR.1: 4
    • FAU_SAR.1.1: 1
    • FAU_SAR.1.2: 1
    • FAU_SAR.2: 4
    • FAU_SAR.2.1: 1
    • FAU_SAR.3: 4
    • FAU_SAR.3.1: 1
    • FAU_STG: 3
    • FAU_STG.1: 4
    • FAU_STG_EXT.1: 5
    • FAU_STG_EXT.1.1: 1
    • FAU_STG_EXT.1.2: 1
    • FAU_STG_EXT.1.3: 1
    • FAU_STG_EXT.4: 5
    • FAU_STG_EXT.4.1: 1
    • FAU_STG_EXT.5: 5
    • FAU_STG_EXT.5.1: 1
  • FCO:
    • FCO_CPC_EXT.1: 5
    • FCO_CPC_EXT.1.1: 1
    • FCO_CPC_EXT.1.2: 1
    • FCO_CPC_EXT.1.3: 1
  • FCS:
    • FCS_CKM: 5
    • FCS_CKM.1: 11
    • FCS_CKM.1.1: 2
    • FCS_CKM.2: 7
    • FCS_CKM.2.1: 2
    • FCS_CKM.4: 7
    • FCS_CKM.4.1: 1
    • FCS_COP: 27
    • FCS_COP.1: 4
    • FCS_NTP_EXT.1: 5
    • FCS_NTP_EXT.1.1: 1
    • FCS_NTP_EXT.1.2: 2
    • FCS_NTP_EXT.1.3: 1
    • FCS_NTP_EXT.1.4: 3
    • FCS_RBG_EXT.1: 10
    • FCS_RBG_EXT.1.1: 1
    • FCS_RBG_EXT.1.2: 1
    • FCS_SSHC_EXT.1: 1
    • FCS_SSHS_EXT.1: 15
    • FCS_SSHS_EXT.1.1: 2
    • FCS_SSHS_EXT.1.2: 2
    • FCS_SSHS_EXT.1.3: 2
    • FCS_SSHS_EXT.1.4: 2
    • FCS_SSHS_EXT.1.5: 2
    • FCS_SSHS_EXT.1.6: 2
    • FCS_SSHS_EXT.1.7: 2
    • FCS_SSHS_EXT.1.8: 3
    • FCS_TLSC_EXT.1: 11
    • FCS_TLSC_EXT.1.1: 1
    • FCS_TLSC_EXT.1.2: 3
    • FCS_TLSC_EXT.1.3: 1
    • FCS_TLSC_EXT.1.4: 1
    • FCS_TLSC_EXT.2: 9
    • FCS_TLSC_EXT.2.1: 2
    • FCS_TLSC_EXT.2.3: 2
    • FCS_TLSS_EXT.1: 12
    • FCS_TLSS_EXT.1.1: 1
    • FCS_TLSS_EXT.1.2: 1
    • FCS_TLSS_EXT.1.3: 2
    • FCS_TLSS_EXT.1.4: 1
  • FDP:
    • FDP_RIP.2: 5
    • FDP_RIP.2.1: 1
  • FIA:
    • FIA_AFL.1: 10
    • FIA_AFL.1.1: 1
    • FIA_AFL.1.2: 1
    • FIA_PMG_EXT.1: 5
    • FIA_PMG_EXT.1.1: 1
    • FIA_PSK_EXT.1: 5
    • FIA_PSK_EXT.1.1: 1
    • FIA_PSK_EXT.1.2: 1
    • FIA_PSK_EXT.1.3: 1
    • FIA_PSK_EXT.1.4: 1
    • FIA_UAU.7: 5
    • FIA_UAU.7.1: 1
    • FIA_UAU_EXT.2: 6
    • FIA_UAU_EXT.2.1: 1
    • FIA_UIA_EXT.1: 6
    • FIA_UIA_EXT.1.1: 1
    • FIA_UIA_EXT.1.2: 1
  • FMT:
    • FMT_MOF: 5
    • FMT_MOF.1: 1
    • FMT_MTD: 10
    • FMT_MTD.1: 2
    • FMT_SMF: 15
    • FMT_SMF.1: 9
    • FMT_SMF.1.1: 1
    • FMT_SMR.2: 5
    • FMT_SMR.2.1: 1
    • FMT_SMR.2.2: 1
    • FMT_SMR.2.3: 1
  • FPT:
    • FPT_APW_EXT.1: 5
    • FPT_APW_EXT.1.1: 1
    • FPT_APW_EXT.1.2: 1
    • FPT_FLS: 5
    • FPT_FLS.1: 1
    • FPT_ITT: 8
    • FPT_ITT.1: 11
    • FPT_ITT.1.1: 1
    • FPT_SKP_EXT.1: 6
    • FPT_SKP_EXT.1.1: 1
    • FPT_STM_EXT.1: 6
    • FPT_STM_EXT.1.1: 1
    • FPT_STM_EXT.1.2: 2
    • FPT_TST_EXT: 1
    • FPT_TST_EXT.1: 5
    • FPT_TST_EXT.1.1: 1
    • FPT_TST_EXT.3: 5
    • FPT_TST_EXT.3.1: 1
    • FPT_TST_EXT.3.2: 1
    • FPT_TUD_EXT.1: 5
    • FPT_TUD_EXT.1.1: 1
    • FPT_TUD_EXT.1.2: 1
    • FPT_TUD_EXT.1.3: 1
  • FTA:
    • FTA_SSL: 4
    • FTA_SSL.3: 7
    • FTA_SSL.3.1: 1
    • FTA_SSL.4: 4
    • FTA_SSL.4.1: 1
    • FTA_SSL_EXT: 1
    • FTA_SSL_EXT.1: 5
    • FTA_SSL_EXT.1.1: 1
    • FTA_TAB.1: 7
    • FTA_TAB.1.1: 1
    • FTA_TSE.1: 5
    • FTA_TSE.1.1: 1
    • FTA_VCM_EXT.1: 5
    • FTA_VCM_EXT.1.1: 1
  • FTP:
    • FTP_ITC: 8
    • FTP_ITC.1: 12
    • FTP_ITC.1.1: 2
    • FTP_ITC.1.2: 1
    • FTP_ITC.1.3: 1
    • FTP_TRP: 8
    • FTP_TRP.1: 3
  • FAU:
    • FAU_GEN: 2
    • FAU_GEN.1: 3
    • FAU_GEN.1.1: 1
    • FAU_GEN.1.2: 2
    • FAU_GEN.2: 3
    • FAU_GEN.2.1: 1
    • FAU_STG_EXT: 1
    • FAU_STG_EXT.1: 3
    • FAU_STG_EXT.1.1: 1
    • FAU_STG_EXT.1.2: 1
    • FAU_STG_EXT.1.3: 1
  • FCS:
    • FCS_CKM: 5
    • FCS_CKM.1: 5
    • FCS_CKM.1.1: 1
    • FCS_CKM.2: 6
    • FCS_CKM.2.1: 1
    • FCS_CKM.4: 3
    • FCS_CKM.4.1: 1
    • FCS_COP: 19
    • FCS_COP.1: 4
    • FCS_NTP_EXT.1: 1
    • FCS_NTP_EXT.1.4: 1
    • FCS_RBG_EXT: 1
    • FCS_RBG_EXT.1: 5
    • FCS_RBG_EXT.1.1: 1
    • FCS_RBG_EXT.1.2: 1
    • FCS_SSHS_EXT: 1
    • FCS_SSHS_EXT.1: 3
    • FCS_SSHS_EXT.1.1: 1
    • FCS_SSHS_EXT.1.2: 2
    • FCS_SSHS_EXT.1.3: 1
    • FCS_SSHS_EXT.1.4: 1
    • FCS_SSHS_EXT.1.5: 1
    • FCS_SSHS_EXT.1.6: 1
    • FCS_SSHS_EXT.1.7: 1
    • FCS_SSHS_EXT.1.8: 1
    • FCS_TLSC_EXT: 2
    • FCS_TLSC_EXT.1: 3
    • FCS_TLSC_EXT.1.1: 1
    • FCS_TLSC_EXT.1.2: 1
    • FCS_TLSC_EXT.1.3: 1
    • FCS_TLSC_EXT.1.4: 1
    • FCS_TLSC_EXT.2: 2
    • FCS_TLSC_EXT.2.1: 1
    • FCS_TLSC_EXT.2.3: 1
    • FCS_TLSS_EXT: 1
    • FCS_TLSS_EXT.1: 9
    • FCS_TLSS_EXT.1.1: 2
    • FCS_TLSS_EXT.1.2: 2
    • FCS_TLSS_EXT.1.3: 2
    • FCS_TLSS_EXT.1.4: 2
    • FCS_TLSS_EXT.2: 3
    • FCS_TLSS_EXT.2.1: 1
    • FCS_TLSS_EXT.2.2: 1
    • FCS_TLSS_EXT.2.3: 1
  • FIA:
    • FIA_AFL: 1
    • FIA_AFL.1: 9
    • FIA_AFL.1.1: 1
    • FIA_AFL.1.2: 1
    • FIA_PMG_EXT: 1
    • FIA_PMG_EXT.1: 3
    • FIA_PMG_EXT.1.1: 1
    • FIA_UAU: 1
    • FIA_UAU.7: 3
    • FIA_UAU.7.1: 1
    • FIA_UAU_EXT: 1
    • FIA_UAU_EXT.2: 2
    • FIA_UAU_EXT.2.1: 1
    • FIA_UIA_EXT: 1
    • FIA_UIA_EXT.1: 5
    • FIA_UIA_EXT.1.1: 1
    • FIA_UIA_EXT.1.2: 1
  • FMT:
    • FMT_MOF: 4
    • FMT_MOF.1: 1
    • FMT_MTD: 4
    • FMT_MTD.1: 1
    • FMT_SMF: 1
    • FMT_SMF.1: 3
    • FMT_SMF.1.1: 2
    • FMT_SMR: 1
    • FMT_SMR.2: 3
    • FMT_SMR.2.1: 1
    • FMT_SMR.2.2: 1
    • FMT_SMR.2.3: 1
  • FPT:
    • FPT_APW_EXT: 1
    • FPT_APW_EXT.1: 3
    • FPT_APW_EXT.1.1: 1
    • FPT_APW_EXT.1.2: 1
    • FPT_SKP_EXT: 1
    • FPT_SKP_EXT.1: 3
    • FPT_SKP_EXT.1.1: 1
    • FPT_STM_EXT: 1
    • FPT_STM_EXT.1: 4
    • FPT_STM_EXT.1.1: 1
    • FPT_STM_EXT.1.2: 2
    • FPT_TST_EXT: 1
    • FPT_TST_EXT.1: 3
    • FPT_TST_EXT.1.1: 1
    • FPT_TUD_EXT: 1
    • FPT_TUD_EXT.1: 3
    • FPT_TUD_EXT.1.1: 1
    • FPT_TUD_EXT.1.2: 1
    • FPT_TUD_EXT.1.3: 1
  • FTA:
    • FTA_SSL: 2
    • FTA_SSL.3: 3
    • FTA_SSL.3.1: 1
    • FTA_SSL.4: 2
    • FTA_SSL.4.1: 1
    • FTA_SSL_EXT: 1
    • FTA_SSL_EXT.1: 3
    • FTA_SSL_EXT.1.1: 1
    • FTA_TAB: 1
    • FTA_TAB.1: 4
    • FTA_TAB.1.1: 1
  • FTP:
    • FTP_ITC: 1
    • FTP_ITC.1: 5
    • FTP_ITC.1.1: 1
    • FTP_ITC.1.2: 1
    • FTP_ITC.1.3: 1
    • FTP_TRP: 4
    • FTP_TRP.1: 3
pdf_data/st_keywords/cc_claims
  • A:
    • A.ADMIN_CREDENTIALS_: 1
    • A.COMPONENTS_RUNNING: 1
    • A.CONNECTIONS: 2
    • A.LIMITED_FUNCTIONALITY: 2
    • A.NO_THRU_TRAFFIC_PROTECTION: 1
    • A.PHYSICAL_PROTECTION: 1
    • A.REGULAR_UPDATES: 1
    • A.RESIDUAL_INFORMATION: 1
    • A.TRUSTED_ADMINSTRATOR: 1
    • A.VS_CORRECT_CONFIGURATION: 1
    • A.VS_ISOLATON: 1
    • A.VS_REGULAR_UPDATES: 1
    • A.VS_TRUSTED_ADMINISTRATOR: 1
  • O:
    • O.ADDRESS_FILTERING: 1
    • O.AUTHENTICATION: 1
    • O.CRYPTOGRAPHIC_FUNCTIONS: 1
    • O.FAIL_SECURE: 1
    • O.IPS_ANALYZE: 1
    • O.IPS_REACT: 1
    • O.PORT_FILTERING: 1
    • O.RESIDUAL_INFORMATION: 1
    • O.STATEFUL_TRAFFIC_FILTERING: 1
    • O.SYSTEM_MONITORING: 2
    • O.TOE_ADMINISTRATION: 2
  • OE:
    • OE.ADMIN_CREDENTIALS_: 1
    • OE.COMPONENTS_RUNNING: 1
    • OE.CONNECTIONS: 3
    • OE.NO_GENERAL_PURPOSE: 1
    • OE.NO_THRU_TRAFFIC_PROTECTION: 1
    • OE.PHYSICAL: 1
    • OE.RESIDUAL_INFORMATION: 1
    • OE.TRUSTED_ADMIN: 1
    • OE.UPDATES: 1
    • OE.VM_CONFIGURATION: 1
  • T:
    • T.DATA_INTEGRITY: 1
    • T.MALICIOUS_TRAFFIC: 1
    • T.NETWORK_ACCESS: 2
    • T.NETWORK_DISCLOSURE: 2
    • T.NETWORK_DOS: 1
    • T.NETWORK_MISUSE: 3
    • T.PASSWORD_CRACKING: 1
    • T.REPLAY_ATTACK: 1
    • T.SECURITY_FUNCTIONALITY_: 2
    • T.UNAUTHORIZED_: 1
    • T.UNDETECTED_ACTIVITY: 1
    • T.UNTRUSTED_COMMUNICATIONS: 1
    • T.UPDATE_COMPROMISE: 1
    • T.WEAK_AUTHENTICATION_: 1
    • T.WEAK_CRYPTOGRAPHY: 1
  • A:
    • A.COMPONENTS_RUNNING: 1
    • A.PHYSICAL_PROTECTION: 1
  • OE:
    • OE.ADMIN_CREDENTIALS_SECURE: 1
    • OE.COMPONENTS_RUNNING: 1
    • OE.NO_GENERAL_PURPOSE: 1
    • OE.NO_THRU_TRAFFIC_PROTECTION: 1
    • OE.PHYSICAL: 1
    • OE.RESIDUAL_INFORMATION: 1
    • OE.TRUSTED_ADMIN: 1
    • OE.UPDATES: 1
    • OE.VM_CONFIGURATION: 1
pdf_data/st_keywords/vendor
  • Broadcom:
    • Broadcom: 2
  • Cisco:
    • Cisco: 29
    • Cisco Systems, Inc: 2
  • Broadcom:
    • Broadcom: 2
  • Microsoft:
    • Microsoft: 3
pdf_data/st_keywords/symmetric_crypto
  • AES_competition:
    • AES:
      • AES: 12
      • AES-: 2
      • AES-256: 2
  • DES:
    • 3DES:
      • 3DES: 1
    • DES:
      • DES: 1
  • constructions:
    • MAC:
      • HMAC: 4
      • HMAC-SHA-256: 8
      • HMAC-SHA-384: 7
      • HMAC-SHA-512: 8
  • miscellaneous:
    • Skinny:
      • Skinny: 2
  • AES_competition:
    • AES:
      • AES: 35
      • AES-256: 4
  • DES:
    • 3DES:
      • 3DES: 1
  • constructions:
    • MAC:
      • HMAC: 10
      • HMAC-SHA-256: 8
      • HMAC-SHA-384: 3
      • HMAC-SHA-512: 5
pdf_data/st_keywords/asymmetric_crypto
  • ECC:
    • ECC:
      • ECC: 4
    • ECDH:
      • ECDHE: 4
    • ECDSA:
      • ECDSA: 18
  • FF:
    • DH:
      • DH: 15
      • Diffie-Hellman: 4
    • DSA:
      • DSA: 1
  • RSA:
    • RSA-2048: 1
  • ECC:
    • ECC:
      • ECC: 6
    • ECDH:
      • ECDH: 4
      • ECDHE: 6
    • ECDSA:
      • ECDSA: 23
  • FF:
    • DH:
      • DH: 7
      • DHE: 4
      • Diffie-Hellman: 7
    • DSA:
      • DSA: 4
  • RSA:
    • RSA 2048: 2
    • RSA-2048: 1
pdf_data/st_keywords/hash_function
  • SHA:
    • SHA1:
      • SHA-1: 5
      • SHA1: 1
    • SHA2:
      • SHA-256: 5
      • SHA-384: 3
      • SHA-512: 9
      • SHA384: 1
  • SHA:
    • SHA1:
      • SHA-1: 4
    • SHA2:
      • SHA-256: 8
      • SHA-384: 5
      • SHA-512: 4
pdf_data/st_keywords/crypto_scheme
  • KA:
    • Key Agreement: 1
  • KEX:
    • Key Exchange: 2
  • MAC:
    • MAC: 7
  • KA:
    • Key Agreement: 1
  • MAC:
    • MAC: 3
pdf_data/st_keywords/crypto_protocol
  • IKE:
    • IKE: 42
    • IKEv2: 38
  • IPsec:
    • IPsec: 119
  • SSH:
    • SSH: 88
    • SSHv1: 1
    • SSHv2: 17
  • TLS:
    • DTLS:
      • DTLS: 1
    • SSL:
      • SSL: 2
      • SSL 2.0: 1
      • SSL 3.0: 1
    • TLS:
      • TLS: 114
      • TLS 1.0: 1
      • TLS 1.1: 2
      • TLS 1.2: 2
      • TLSv1.1: 10
      • TLSv1.2: 88
  • VPN:
    • VPN: 234
  • IKE:
    • IKE: 1
  • IPsec:
    • IPsec: 5
  • SSH:
    • SSH: 49
    • SSHv2: 7
  • TLS:
    • DTLS:
      • DTLS: 1
    • SSL:
      • SSL: 4
      • SSL 2.0: 4
      • SSL 3.0: 4
    • TLS:
      • TLS: 86
      • TLS 1.0: 4
      • TLS 1.1: 3
      • TLS 1.2: 4
      • TLSv1.1: 3
      • TLSv1.2: 6
  • VPN:
    • VPN: 4
pdf_data/st_keywords/randomness
  • PRNG:
    • DRBG: 7
  • RNG:
    • RBG: 1
  • PRNG:
    • DRBG: 14
  • RNG:
    • RBG: 3
    • RNG: 6
pdf_data/st_keywords/cipher_mode
  • CBC:
    • CBC: 5
  • GCM:
    • GCM: 6
  • CBC:
    • CBC: 7
  • CCM:
    • CCM: 4
  • CTR:
    • CTR: 6
  • GCM:
    • GCM: 11
pdf_data/st_keywords/ecc_curve
  • NIST:
    • P-256: 14
    • P-384: 14
    • P-521: 14
    • secp256r1: 6
    • secp384r1: 6
    • secp521r1: 6
  • NIST:
    • P-256: 24
    • P-384: 16
    • P-521: 14
    • secp256r1: 6
    • secp384r1: 6
    • secp521r1: 3
pdf_data/st_keywords/tls_cipher_suite
  • TLS:
    • TLS_DHE_RSA_WITH_AES_128_CBC_SHA: 1
    • TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: 1
    • TLS_DHE_RSA_WITH_AES_256_CBC_SHA: 1
    • TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: 1
    • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: 2
    • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: 3
    • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: 3
    • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: 2
    • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: 3
    • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: 3
    • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: 4
    • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: 4
    • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: 7
    • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: 3
    • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: 6
    • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: 7
    • TLS_RSA_WITH_AES_128_CBC_SHA: 5
    • TLS_RSA_WITH_AES_128_CBC_SHA256: 6
    • TLS_RSA_WITH_AES_128_GCM_SHA256: 4
    • TLS_RSA_WITH_AES_256_CBC_SHA: 3
    • TLS_RSA_WITH_AES_256_CBC_SHA256: 6
    • TLS_RSA_WITH_AES_256_GCM_SHA384: 4
  • TLS:
    • TLS_DHE_RSA_WITH_AES_128_CBC_SHA: 4
    • TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: 4
    • TLS_DHE_RSA_WITH_AES_256_CBC_SHA: 4
    • TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: 4
    • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: 2
    • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: 4
    • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: 6
    • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: 2
    • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: 4
    • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: 6
    • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: 2
    • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: 2
    • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: 6
    • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: 2
    • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: 2
    • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: 6
pdf_data/st_keywords/standard_id
  • CC:
    • CCMB-2017-04-001: 1
    • CCMB-2017-04-002: 1
    • CCMB-2017-04-003: 1
    • CCMB-2017-04-004: 1
  • FIPS:
    • FIPS 140-2: 2
    • FIPS PUB 140-2: 1
    • FIPS PUB 180-4: 2
    • FIPS PUB 186-3: 1
    • FIPS PUB 186-4: 10
    • FIPS PUB 198-1: 1
  • ISO:
    • ISO/IEC 14888-3: 1
    • ISO/IEC 18031:2011: 4
    • ISO/IEC 9796-2: 1
  • NIST:
    • NIST SP 800-56A: 2
  • PKCS:
    • PKCS #1: 1
  • RFC:
    • RFC 1305: 1
    • RFC 2460: 5
    • RFC 2463: 1
    • RFC 2818: 2
    • RFC 2986: 1
    • RFC 3268: 11
    • RFC 3447: 3
    • RFC 3513: 2
    • RFC 3526: 8
    • RFC 3602: 7
    • RFC 4016: 1
    • RFC 4106: 2
    • RFC 4253: 2
    • RFC 4301: 2
    • RFC 4303: 3
    • RFC 4346: 2
    • RFC 4443: 2
    • RFC 4492: 11
    • RFC 4868: 2
    • RFC 4945: 2
    • RFC 5077: 3
    • RFC 5114: 2
    • RFC 5246: 17
    • RFC 5280: 10
    • RFC 5282: 2
    • RFC 5288: 8
    • RFC 5289: 36
    • RFC 5735: 2
    • RFC 5759: 1
    • RFC 5996: 4
    • RFC 6125: 2
    • RFC 6960: 1
    • RFC 768: 5
    • RFC 791: 5
    • RFC 792: 3
    • RFC 793: 5
  • X509:
    • X.509: 12
  • FIPS:
    • FIPS 186-4: 3
    • FIPS PUB 186-4: 18
  • ISO:
    • ISO/IEC 14888-3: 2
    • ISO/IEC 18031:2011: 4
    • ISO/IEC 9796-2: 2
  • NIST:
    • SP 800-135: 2
    • SP 800-90A: 2
  • PKCS:
    • PKCS #1: 2
    • PKCS#12: 2
  • RFC:
    • RFC 2818: 2
    • RFC 2986: 2
    • RFC 3268: 8
    • RFC 3447: 2
    • RFC 3526: 8
    • RFC 3986: 2
    • RFC 4253: 1
    • RFC 4346: 3
    • RFC 4492: 8
    • RFC 5077: 5
    • RFC 5246: 12
    • RFC 5280: 5
    • RFC 5289: 36
    • RFC 5759: 1
    • RFC 6125: 4
    • RFC 7919: 1
  • X509:
    • X.509: 10
pdf_data/st_keywords/certification_process
  • OutOfScope:
    • beyond the scope of this Common Criteria evaluation. Clustering This feature is not tested and is out of scope. The services in the table above are disabled in the evaluated configuration. Any functionality of: 1
    • out of scope: 1
  • OutOfScope:
    • If it is stored via External HSM (operational environment), it is protected by the HSM and is out of scope. The TOE also zeroizes (i.e., overwrites) non-persistent cryptographic keys as soon as their: 1
    • e., stateful inspection filtering, IPsec VPN gateway, IPS/IDS threat prevention) are not evaluated (out of scope). Only the secure communication channels from Panorama to firewalls and Wildfires are claimed. The: 1
    • extent specified by the security functional requirements: TLS, HTTPS, SSH. The features below are out of scope. Table 2 Excluded Features Feature Description Telnet and HTTP Management Protocols Telnet and HTTP: 1
    • operational environment), it is protected by the HSM and is out of scope. The TOE also zeroizes (i.e: 1
    • out of scope: 3
pdf_data/st_metadata
state/cert/pdf_hash Different Different
state/cert/txt_hash Different Different
state/report/pdf_hash Different Different
state/report/txt_hash Different Different
state/st/pdf_hash Different Different
state/st/txt_hash Different Different