This page was not yet optimized for use on mobile
devices.
Juniper Networks SRX1400, SRX3400, and SRX3600 Services Gateways
Certificate #2921
Webpage information
Security policy
Symmetric Algorithms
AES, CAST, Triple-DES, TDEA, Blowfish, HMAC, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512Asymmetric Algorithms
RSA 2048, ECDH, ECDSA, Diffie-Hellman, DH, DSAHash functions
SHA-1, SHA-256, SHA-384, SHA-512, MD5Schemes
MAC, Key ExchangeProtocols
SSH, SSHv2, IKE, IKEv1, IKEv2, IPsecRandomness
DRBG, RNGLibraries
OpenSSLElliptic Curves
P-256, P-384Block cipher modes
CBC, CTR, GCMSecurity level
Level 2, Level 1Side-channel analysis
malfunctionStandards
FIPS 140-2, FIPS140-2, FIPS PUB 140-2, SP 800-90A, X.509File metadata
| Title | 123X48D30_SRX_1400-3400-3600_Security_Policy_1-10_20170609_trackedChangesAccepted |
|---|---|
| Creation date | D:20170609212505Z00'00' |
| Modification date | D:20170609212505Z00'00' |
| Pages | 29 |
| Creator | Word |
| Producer | Mac OS X 10.12.5 Quartz PDFContext |
Heuristics
Automated inference - use with caution
All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 2921,
"dgst": "08c6f6cb289f84a3",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"SHS#3341",
"RSA#2087",
"KTS#2224",
"ECDSA#917",
"CVL#880",
"Triple-DES#2223",
"AES#4054",
"HMAC#2867",
"DRBG#1399",
"DSA#1104",
"KTS#2646",
"AES#4329",
"SHS#3343",
"CVL#926",
"AES#4056",
"HMAC#2646",
"SHS#3571",
"ECDSA#909",
"RSA#2202",
"Triple-DES#2224",
"Triple-DES#2222",
"DRBG#1216",
"DSA#1096",
"HMAC#2648"
]
},
"cpe_matches": {
"_type": "Set",
"elements": [
"cpe:2.3:h:juniper:srx3400:-:*:*:*:*:*:*:*",
"cpe:2.3:h:juniper:srx1400:-:*:*:*:*:*:*:*",
"cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"cpe:2.3:h:juniper:srx3600:-:*:*:*:*:*:*:*"
]
},
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"12.3"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECDH": {
"ECDH": 1
},
"ECDSA": {
"ECDSA": 24
}
},
"FF": {
"DH": {
"DH": 3,
"Diffie-Hellman": 30
},
"DSA": {
"DSA": 3
}
},
"RSA": {
"RSA 2048": 7
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 9
},
"CTR": {
"CTR": 2
},
"GCM": {
"GCM": 1
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 3
}
},
"crypto_protocol": {
"IKE": {
"IKE": 15,
"IKEv1": 4,
"IKEv2": 4
},
"IPsec": {
"IPsec": 10
},
"SSH": {
"SSH": 39,
"SSHv2": 2
}
},
"crypto_scheme": {
"KEX": {
"Key Exchange": 2
},
"MAC": {
"MAC": 2
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-256": 50,
"P-384": 30
}
},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#2223": 1,
"#2224": 1,
"#2646": 2,
"#2648": 2,
"#4054": 1,
"#4056": 1
}
},
"fips_certlike": {
"Certlike": {
"AES CBC 128/192/256": 3,
"AES Cert. #4054": 1,
"AES Cert. #4056": 1,
"AES [197": 3,
"DSA [186": 2,
"HMAC Cert. #2646": 4,
"HMAC Cert. #2648": 4,
"HMAC SHA-256": 1,
"HMAC [198": 3,
"HMAC-SHA- 1": 1,
"HMAC-SHA- 1-96": 3,
"HMAC-SHA- 256": 1,
"HMAC-SHA- 512": 1,
"HMAC-SHA-1": 6,
"HMAC-SHA-256": 6,
"HMAC-SHA-384": 2,
"HMAC-SHA-512": 2,
"RSA 2048": 7,
"SHA 1, 256": 3,
"SHA 256": 11,
"SHA-1": 6,
"SHA-256": 10,
"SHA-384": 3,
"SHA-512": 2,
"SHS [180": 3
}
},
"fips_security_level": {
"Level": {
"Level 1": 1,
"Level 2": 2
}
},
"hash_function": {
"MD": {
"MD5": {
"MD5": 1
}
},
"SHA": {
"SHA1": {
"SHA-1": 6
},
"SHA2": {
"SHA-256": 13,
"SHA-384": 1,
"SHA-512": 2
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 5
},
"RNG": {
"RNG": 2
}
},
"side_channel_analysis": {
"FI": {
"malfunction": 2
}
},
"standard_id": {
"FIPS": {
"FIPS 140-2": 8,
"FIPS PUB 140-2": 1,
"FIPS140-2": 1
},
"NIST": {
"SP 800-90A": 2
},
"X509": {
"X.509": 3
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 14
},
"CAST": {
"CAST": 1
}
},
"DES": {
"3DES": {
"TDEA": 1,
"Triple-DES": 12
}
},
"constructions": {
"MAC": {
"HMAC": 14,
"HMAC-SHA-256": 3,
"HMAC-SHA-384": 1,
"HMAC-SHA-512": 1
}
},
"miscellaneous": {
"Blowfish": {
"Blowfish": 1
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/AAPL:Keywords": "[]",
"/Author": "",
"/CreationDate": "D:20170609212505Z00\u002700\u0027",
"/Creator": "Word",
"/Keywords": "",
"/ModDate": "D:20170609212505Z00\u002700\u0027",
"/Producer": "Mac OS X 10.12.5 Quartz PDFContext",
"/Subject": "",
"/Title": "123X48D30_SRX_1400-3400-3600_Security_Policy_1-10_20170609_trackedChangesAccepted",
"pdf_file_size_bytes": 5890796,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 29
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_json_hash": null,
"policy_pdf_hash": "aea1a972c26c53031f9a087bae09b9d8082f1b49df46c52e6da953dbbaa04d73",
"policy_txt_hash": "924fe0401c22942c04e6895751dab628c72ed78ff69f9bc997330bd2a096381e"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode and with the tamper-evident seals installed as indicated in the Security Policy",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/FIPS140ConsolidatedCertJune2017.pdf",
"date_sunset": null,
"description": "Juniper Networks SRX Series Services Gateways provide the essential capabilities necessary to connect, secure, and manage enterprise and service provider networks, from the smallest sites to the largest headquarters and data centers.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Roles, Services, and Authentication: Level 3",
"Design Assurance: Level 3",
"Mitigation of Other Attacks: N/A"
],
"fw_versions": "JUNOS-FIPS 12.3X48-D30",
"historical_reason": "Moved to historical list due to sunsetting",
"hw_versions": "P/Ns SRX1400BASE-GE-AC with [1] or [2], SRX1400BASE-GE-DC with [1] or [2], SRX3400BASE-AC with [2], SRX3400BASE-DC with [2], SRX3400BASE-DC2 with [2], SRX3600BASE-AC with [2], SRX3600BASE-DC with [2], and SRX3600BASE-DC2 with [2]; Service Processing Cards SRX1K-NPC-SPC-1-10-40 [1] or SRX3K-SPC-1-10-40 [2]; with Tamper Seals JNPR-FIPS-TAMPER-LBLS",
"level": 2,
"mentioned_certs": {},
"module_name": "Juniper Networks SRX1400, SRX3400, and SRX3600 Services Gateways",
"module_type": "Hardware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "historical",
"sw_versions": null,
"tested_conf": null,
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2017-06-14",
"lab": "UL Verification Services, Inc.",
"validation_type": "Initial"
}
],
"vendor": "Juniper Networks, Inc.",
"vendor_url": "http://www.juniper.net"
}
}