Copyright Juniper, 2020 Document Version 1.0 Page 1 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). Juniper Networks Junos Space Network Management Platform, with or without Network Director and with or without Security Director in JA2500 Firmware: Junos Space 19.1R1_FIPS, Network-Director.3.6R3.15 and Security-Director-19.1R1.23 Non-Proprietary FIPS 140-2 Cryptographic Module Security Policy Document Version: 1.0 Date: December 14, 2020 Juniper Networks, Inc. 1133 Innovation Way Sunnyvale, California 94089 USA 408.745.2000 1.888 JUNIPER www.juniper.net Copyright Juniper, 2020 Document Version 1.0 Page 2 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). Table of Contents 1 Introduction ....................................................................................................................4 1.1 Cryptographic Boundary ..............................................................................................................6 1.2 Modes of Operation.....................................................................................................................8 1.2.1 FIPS Approved Mode ..........................................................................................................8 1.2.2 Non-Approved Mode..........................................................................................................8 1.3 Zeroization....................................................................................................................................9 2 Cryptographic Functionality...........................................................................................10 2.1 AllowedAlgorithms and Protocols .............................................................................................. 10 2.2 DisallowedAlgorithms and Protocols......................................................................................... 16 2.3 Critical Security Parameters........................................................................................................ 17 3 Roles, Authentication and Services................................................................................19 3.1 Roles and Authentication of Operators to Roles ...................................................................... 19 3.2 Authentication Methods ........................................................................................................... 19 3.3 Approved and Allowed Services ................................................................................................ 20 3.4 Non-Approved Services............................................................................................................. 22 4 Self-tests........................................................................................................................24 5 Physical Security Policy..................................................................................................26 6 Security Rules and Guidance..........................................................................................27 6.1 Crypto-Officer Guidance ........................................................................................................... 27 6.1.1 Installing the FIPS-Approved firmware............................................................................ 28 6.1.2 Enabling FIPS-Approved Mode of Operation .................................................................. 31 6.1.3 Placing the Module in a Non-Approved Mode of Operation .......................................... 35 7 References and Definitions............................................................................................39 Copyright Juniper, 2020 Document Version 1.0 Page 3 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). List of Tables Table 1 – Security Level of Security Requirements.......................................................................................5 Table 2 – Ports and Interfaces ......................................................................................................................7 Table 3 – OpenSSL Approved Cryptographic Functions..............................................................................10 Table 4 – Bouncy Castle Approved Cryptographic Functions .....................................................................13 Table 5 – OpenSSH Approved Cryptographic Functions.............................................................................14 Table 6 – NSS Approved Cryptographic Functions......................................................................................14 Table 7 – Linux Kernel Crypto Approved Cryptographic Functions ............................................................14 Table 8 – Allowed Cryptographic Functions ...............................................................................................15 Table 9 – Protocols Allowed in FIPS Mode..................................................................................................15 Table 10 – Critical Security Parameters (CSPs) ...........................................................................................17 Table 11– Public Keys..................................................................................................................................18 Table 12 – Authenticated Services..............................................................................................................20 Table 13 – Unauthenticated service ...........................................................................................................21 Table 14 – CSP Access Rights within Services .............................................................................................21 Table 15 – Authenticated Services..............................................................................................................22 Table 16– Unauthenticated service ............................................................................................................23 Table 17 – References.................................................................................................................................39 Table 18 – Acronyms and Definitions .........................................................................................................40 Table 19 – Datasheets.................................................................................................................................40 List of Figures Figure 1- JA2500 Hardware Appliance Front Panel ......................................................................................6 Figure 2- JA2500 Hardware Appliance Rear Panel........................................................................................7 Copyright Juniper, 2020 Document Version 1.0 Page 4 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). 1 Introduction This is a non-proprietary Cryptographic Module Security Policy for the Juniper Networks Junos Space Network Management Platform, with or without Network Director and with or without Security Director in JA2500. Junos Space Network Management Platform works with Juniper management applications to simplify and automate management of switching, routing, and security devices. As part of a complete solution, the platform provides broad fault, configuration, accounting, performance, and security management (FCAPS) capability, same day support for new devices and Junos OS releases, a task-specific user interface, and northbound APIs for integration with existing network management systems (NMS) or operations/business support systems (OSS/BSS). Junos Space Network Director is a smart, comprehensive, and automated turnkey network management solution. Administrators can use it to visualize, analyze, and control their entire enterprise networks, all through an integrated management screen. Junos Space Security Director provides security policy management through an intuitive, centralized interface that offers enforcement across emerging and traditional risk vectors. Using intuitive dashboards and reporting features, you gain insight into threats, compromised devices, risky applications, and more. This FIPS 140-2 validation includes the following: the Junos Space Platform and, the Network Director (ND) and Security Director (SD) Network Management Applications installed on a JA2500 hardware appliance. The FIPS validated version of the Junos Space firmware is Junos Space 19.1R1_FIPS which can be installed on the JA2500 appliance and configured to operate with Junos Space Security Director and/or Junos Space Network Director. The FIPS validated versions of the ND and SD are Network- Director.3.6R3.15, and Security-Director-19.1R1.23 respectively. The cryptographic implementations are in the Junos Space platform alone, the ND and SD applications do not contain any cryptographic implementations of their own. The cryptographic module is defined as a multiple-chip standalone hardware module that executes Junos Space 19.1R1_FIPS firmware (and optionally Network-Director.3.6R3.15 and/or Security-Director- 19.1R1.23) on the Juniper JA2500 hardware appliance. Copyright Juniper, 2020 Document Version 1.0 Page 5 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). The module is designed to meet FIPS 140-2 Level 1 overall: Table 1 – Security Level of Security Requirements Area Description Level 1 Module Specification 1 2 Ports and Interfaces 1 3 Roles and Services 3 4 Finite State Model 1 5 Physical Security 1 6 Operational Environment N/A 7 Key Management 1 8 EMI/EMC 1 9 Self-test 1 10 Design Assurance 3 11 Mitigation of Other Attacks N/A Overall 1 The module has a limited operational environment as per the FIPS 140-2 definitions. The module does not implement any mitigations of other attacks as defined by FIPS 140-2. Copyright Juniper, 2020 Document Version 1.0 Page 6 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). 1.1 Cryptographic Boundary The cryptographic boundary of the module is the outer edge of the JA2500 chassis as depicted in Figure 1 below. The module excludes the power supplies from the requirements of FIPS 140-2. The power supplies do not contain any security relevant components and cannot affect the security of the module. The JA2500 module can be configured with either of the following: • Junos Space • Junos Space with Network Director. • Junos Space with Security Director. • Junos Space with both Network Director and Security Director. All of the combinations listed above comprise of the Junos Space 19.1R1_FIPS firmware. The version of ND is Network-Director.3.6R3.15 and that of SD is Security-Director-19.1R1.23. Figure 1- JA2500 Hardware Appliance Front Panel 1—Hard drive 5—Console port 2—IOC expansion slot 6—Hardware Fault LED 3—Network (Ethernet) ports 7—Hard Disk Activity LED 4—USB port 8—Power LED Copyright Juniper, 2020 Document Version 1.0 Page 7 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). Figure 2- JA2500 Hardware Appliance Rear Panel 1—Cooling fans 3—Redundant power supply module slot 2—Power switch 4—Power supply module Table 2 – Ports and Interfaces Port # of ports Description Logical Interface Type Ethernet 4 (RJ-45 Ethernet 10/100/1000 ports for Management/Data ) LAN Communications/Remote management Control in, Data in, Data out, Status out Serial 1 Console serial port Control in, Data in, Data out Status out USB 1 USB port – load Junos image Control in, Data in Power 2 Power connector Power LEDs 3 Status indicator lighting Status out Power Switch 1 to power on or power off the module Control in Copyright Juniper, 2020 Document Version 1.0 Page 8 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). 1.2 Modes of Operation The module supports one FIPS Approved mode of operation and a non-Approved mode of operation. The FIPS Approved mode of operation can only be set during the installation of the module. The module must always be zeroized when switching between the FIPS Approved mode of operation and the non-Approved mode of operation and vice versa. 1.2.1 FIPS Approved Mode The cryptographic boundary with either one of the four configuration options and Junos Space 19.1R1_FIPS installed as defined in section 1.1, contains a FIPS-Approved mode of operation and a non- Approved mode of operation. The module is configured during initialization to operate in an approved mode or a non-approved mode. The Crypto-Officer places the module in the Approved mode of operation by following the instructions in cryptographic officer guidance (section 6.1). Next, the module is configured in FIPS mode, by following the instructions in cryptographic officer guidance (section 6.1.2). Once the module has rebooted and the integrity and self-tests have run successfully on initial power-on in the FIPS mode, the module is operational in the FIPS-Approved mode. 1.2.2 Non-Approved Mode The cryptographic module supports a non-Approved mode of operation. When operated in the non- Approved mode of operation, the module supports the algorithms identified in Section 2.2 as well as the algorithms supported in the Approved mode of operation. The Crypto-Officer can place the module into a non-approved mode of operation by following the instructions in the cryptographic officer guidance (section 6.1). Copyright Juniper, 2020 Document Version 1.0 Page 9 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). 1.3 Zeroization The cryptographic module provides a non-Approved mode of operation in which non-approved cryptographic algorithms are supported. When transitioning between the non-Approved mode of operation and the Approved mode of operation, the Cryptographic Officer must zeroize all CSPs. Zeroization completely erases all keys, CSPs and configuration information on the JA2500 hardware appliance. This is achieved by formatting the JA2500 hardware appliance using a usb-bootable .iso image file which resets the appliance back into its factory-default settings. The procedure is the same as that outlined in Section 6.1.1 (Installing the Junos Space Platform on the JA2500) of this document. Post zeroization, the module can be initialized by the CO in a FIPS-approved mode of operation by following the instructions in Section 6.1.2 or in a non-approved mode of operation by following the instructions in Section 6.1.3 of this document. Note: The Cryptographic Officer must retain control of the module while zeroization is in process. Copyright Juniper, 2020 Document Version 1.0 Page 10 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). 2 Cryptographic Functionality 2.1 Allowed Algorithms and Protocols The module implements the FIPS Approved and Non-Approved but Allowed cryptographic functions listed in Tables 3, 4, 5, 6, 7, and 8 below. Table 9 summarizes the high-level protocol algorithm support. There are some algorithm modes that were tested but not implemented by the module. Only the algorithms, modes, and key sizes that are implemented by the module are shown in these tables. Table 3 – OpenSSL Approved Cryptographic Functions CAVP Cert. Algorithm Standard Mode Key Lengths, Curves, or Moduli Functions C1167 AES PUB 197-38A ECB, CBC, OFB, CFB, CTR, CCM, CMAC Key Sizes: 128, 192, 256 bits Encrypt, Decrypt SP 800-38D GCM Key Sizes: 128, 192, 256 bits Encrypt, Decrypt, AEAD C1167 SHS PUB 180-4 SHA-1, 256, 384, 512 Message Digest Generation, KDF Primitive SHA-224 Message Digest Generation C1167 DRBG SP 800-90A Hash, HMAC SHA-1, 224, 256, 384, 512 Random Bit Generation CTR AES-128, 192, 256 C1167 DSA PUB 186-4 Key sizes: 1024, 2048, 3072 bits (1024 only for SigVer) PQG Gen, PQG Ver, Key Pair Gen, Sig Gen, Sig Ver C1167 ECDSA PUB 186-4 P-224,256,384,521 KeyGen, PKV Copyright Juniper, 2020 Document Version 1.0 Page 11 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). P-224 (SHA-11 ,SHA- 224,256,384,512), P-256 (SHA- 11 ,224,256,384,512), P-384 (SHA- 11 ,224,256,384, 512) P-521 (SHA-11 , SHA- 224, 256,384, 512) Sig Gen, Sig Ver N/A KTS AES Cert. #C1167 (modes: CBC, CTR, CFB) and HMAC Cert. #C1167 key establishment methodology provides between 128 and 256 bits of encryption strength AES Cert. #C1167 (mode: AES-GCM) key establishment methodology provides between 128 and 256 bits of encryption strength C1167 RSA PUB 186-4 n=2048, 3072 KeyGen X9.31 n=2048, 3072, 40962 (SHA-256, SHA-384, SHA-512) SigGen PKCS1_V1_5, PKCSPSS n=2048, 3072 (SHA-224, SHA-256, SHA-384, SHA-512) n=40962 (SHA-256, SHA-384, SHA-512) 1 SHA-1 is approved for SigVer alone and is not approved for SigGen. 2 RSA 186-4 SigGen 4096-bit modulus was not tested by the CAVP; however, it is Approved for use per CMVP guidance, because RSA 186-2 SigGen 4096-bit modulus has been tested and testing for RSA 186-4 SigGen 4096-bit modulus was not available at the time of validation. Copyright Juniper, 2020 Document Version 1.0 Page 12 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). X9.31 n=1024, n=2048, n=3072 (SHA-1, SHA-256, SHA- 384, SHA-512) SigVer PKCS1_V1_5, PKCSPSS n=1024, n=2048, n=3072 (SHA-1, SHA-224, SHA- 256, SHA-384, SHA- 512) C1167 HMAC PUB 198 SHA-1 Key size: 160 bits, λ = 96 Message Authentication SHA-224 Key size: 224 bits, λ = 224 SHA-256 Key size: 256 bits, λ = 128 SHA-384 Key size: 384 bits, λ = 384 SHA-512 Key size: 512 bits, λ = 512 N/A3 KAS-SSC SP 800- 56Arev3 ECDH P-224 (SHA 224) P-256 (SHA 256) P-384 (SHA 384) P-521 (SHA 512) Key Agreement Scheme – Shared Secret Computation DH Safe prime groups per Appendix D. C1167 CVL SP 800-135 TLS v1.2 SHA-256, 384 Key Derivation SNMP N/A4 CKG SP 800 - 133rev2 Section 4 Asymmetric seed generation (for use in asymmetric key 3 Vendor Affirmed per IG D.1rev3. 4 Vendor Affirmed. Copyright Juniper, 2020 Document Version 1.0 Page 13 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). generation) using unmodified DRBG output Section 6.2.1 Derivation of symmetric keys Table 4 – Bouncy Castle Approved Cryptographic Functions CAVP Cert. Algorithm Standard Mode Key Lengths, Curves, or Moduli Functions C1373 AES PUB 197-38A ECB, CBC Key Sizes: 128, 192, 256 bits Encrypt, Decrypt C1373 SHA PUB 180-4 SHA-1, SHA-256 Message Digest Generation C1373 DRBG SP 800-90A Hash SHA-256 Random Bit Generation C1373 DSA PUB 186-4 Key Size: 2048 KeyPair Gen, SigGen, SigVer C1373 ECDSA PUB 186-4 P-256 (SHA-256) SigGen, SigVer C1373 RSA PUB 186-4 PKCS1_V1_ 5 n=2048 (SHA 256) SigGen, SigVer N/A5 CKG SP 800 - 133rev2 Section 4 Asymmetric seed generation (for use in asymmetric key generation) using unmodified DRBG output Section 6.1 Direct Generation of symmetric keys 5 Vendor Affirmed. Copyright Juniper, 2020 Document Version 1.0 Page 14 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). Table 5 – OpenSSH Approved Cryptographic Functions CAVP Cert. Algorithm Standard Mode Key Lengths, Curves, or Moduli Functions C966 CVL SP 800-135 SSH SHA-1, SHA-256, SHA- 384, SHA-512 Key Derivation Table 6 – NSS Approved Cryptographic Functions CAVP Cert. Algorithm Standard Mode Key Lengths, Curves, or Moduli Functions C1183 AES PUB 197-38A CBC Key Sizes: 128 bits Encrypt, Decrypt C1183 SHS PUB 180-4 SHA-256 Message Digest Generation C1183 HMAC PUB 198 SHA-256 Message Authentication N/A KTS AES Cert. #C1183 (mode: CBC) and HMAC Cert. #C1183 key establishment methodology provides 128 bits of encryption strength C1183 DRBG SP 800-90A Hash SHA-256 Random Bit Generation C1183 RSA PUB 186-4 PKCS1_V1_ 5 n=2048 (SHA 256) SigGen, SigVer C1183 CVL SP 800-135 TLS v1.2 SHA-256 Key Derivation Table 7 – Linux Kernel Crypto Approved Cryptographic Functions CAVP Cert. Algorithm Standard Mode Key Lengths, Curves, or Moduli Functions C1202 AES PUB 197-38A CBC Key Size: 128 bits Encrypt, Decrypt C1202 SHS PUB 180-4 SHA-256 Message Digest Generation C1202 DRBG SP 800-90A Hash SHA-256 Random Bit Generation Copyright Juniper, 2020 Document Version 1.0 Page 15 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). Table 8 – Allowed Cryptographic Functions Algorithm Caveat Use NDRNG [IG] 7.14 Scenario 1a The module generates a minimum of 256 bits of entropy for key generation. Seeding the DRBG Table 9 – Protocols Allowed in FIPS Mode Protocol Key Exchange Auth Cipher Integrity SSHv2 (Server) Diffie-Hellman (group 14 sha-1) EC Diffie-Hellman P-256, P-384, P-521 RSA 2048 ECDSA P-256, P-384, P-521 AES CBC 128/256 AES CTR 128/256 HMAC-SHA- 1 HMAC-SHA- 256 HMAC-SHA- 512 HTTPS/TLS v1.2 EC Diffie-Hellman RSA 2048 AES GCM6 256 AEAD (SHA- 384) SCP (SSHv2 Client) Diffie-Hellman (group 14, sha-1) EC Diffie-Hellman (SHA-2) P-256, P-384, P-521 RSA 2048 ECDSA P-256, P-384, P-521 AES CBC 128/256 AES CTR 128/256 HMAC-SHA- 1 HMAC-SHA- 256 HMAC-SHA- 512 SNMPv3 Session Key: AES-128 HMAC-SHA-1 AES-128/192/256 6 The AES GCM is used as part of TLS 1.2 cipher suites conformant to IG A.5, RFC 5288, and SP 800-52. The module’s AES-GCM implementation conforms to IG A.5 scenario #1 following RFC 5288 for TLS. The module implements nonce management logic that ensures when the nonce_explicit part of the IV exhausts the maximum number of possible values for a given session key, per RFC 5246, if the module is the party that encounters this condition it will trigger a handshake to establish a new encryption key. Per RFC 5647 the module ensures that if the invocation counter reaches its maximum value 2^64 – 1, the next AES GCM encryption is performed with the invocation counter set to either 0 or 1, with a maximum of 2^64 – 1 encryptions per session. Copyright Juniper, 2020 Document Version 1.0 Page 16 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). No part of these protocols, other than the KDF, have been tested by the CAVP and CMVP. The SSH algorithms allow independent selection of key exchange, authentication, cipher and integrity. In reference to the Allowed Protocols in Table 9 above: each column of options for a given protocol is independent and may be used in any viable combination. These security functions are also available in the SSH connect (non-compliant) service. 2.2 Disallowed Algorithms and Protocols These algorithms are non-Approved algorithms that are disabled when the module is operated in an Approved mode of operation. Algorithms • RSA with key size less than 2048 • ECDSA with ed25519 curve • ECDH with ed25519 curve • ARCFOUR • Blowfish • CAST • HMAC-MD5 • HMAC-RIPEMD160 • UMAC Protocols • Finger • ftp • rlogin • telnet • tftp • xnm-clear-text Copyright Juniper, 2020 Document Version 1.0 Page 17 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). 2.3 Critical Security Parameters All CSPs and public keys used by the module are described in this section. Table 10 – Critical Security Parameters (CSPs) Name Description and usage DRBG_Seed Seed material used to seed or reseed the DRBG DRBG_State V and Key values for the HMAC_DRBG Entropy Input String 256 bits entropy (min) input used to instantiate the DRBG SSH PHK SSH Private host key. 1st time SSH is configured, the keys are generated. RSA 2048, ECDSA P-256, P-384, P-512. Used to identify the host. SSH DH SSH Diffie-Hellman private component. Diffie-Hellman private key used in SSH. DH (group 14, sha-1). SSH ECDH SSH Elliptic Curve Diffie-Hellman private component. Ephemeral Diffie-Hellman private key used in SSH. ECDH P-256, or ECDH P-384 or ECDH P-521 ECDH Shared Secret The Diffie-Hellman shared secret used in EC Diffie-Hellman (ECDH) exchange. Created per the EC Diffie-Hellman protocol. Provides between 128-256 bits of security. DH Shared Secret The Diffie-Hellman shared secret used in EC Diffie-Hellman (ECDH) exchange. Created per the EC Diffie-Hellman protocol. Provides between 128-256 bits of security. SSH-SEKs SSH Session Keys: SSH Session Encryption Key: AES; SSH Session Integrity Key: HMAC SNMPv3 Password Shared secret used to derive HMAC-SHA1 key for SNMPv3 Authentication SNMPv3 session key SNMPv3 Session Key: AES-128. Used to encrypt the SNMPv3 traffic. SnmpEngineID Unique string to identify the SNMP engine. 32-bit. HTTPS Pre- Master secret Shared Secret used to derive the master secret (to create HTTPS session keys). HTTPS Master secret Shared Secret used to create HTTPS session keys. HTTPS SEKs HTTPS Session Keys: HTTPS Encryption Key: AES-GCM-256; HTTPS Integrity Key: AEAD (SHA-384). TLS Pre-Master secret Shared Secret used to derive the master secret (create TLS session keys). TLS Master secret Shared Secret used to create TLS session keys. TLS-SEKs TLS Session Keys: TLS Encryption Key: AES-GCM-256; TLS Integrity Key: AEAD (SHA-384). TLS RSA private key RSA 2048 Copyright Juniper, 2020 Document Version 1.0 Page 18 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). CO-PW ASCII Text used to authenticate the CO. User-PW ASCII Text used to authenticate the User. Table 11– Public Keys Name Description and usage SSH-PUB SSH Public Host Key. RSA 2048, ECDSA P-256, P-384, P-521. Used to identify the host. SSH-DH-PUB Diffie-Hellman public component. Diffie-Hellman public key used in SSH key establishment. DH (group 14, SHA-1) SSH-ECDH- PUB Elliptic Curve Diffie-Hellman public component. Ephemeral EC Diffie-Hellman public key used in SSH key establishment. ECDH P-256, ECDH P-384 or ECDH P-521 TLS RSA public key RSA 2048 Copyright Juniper, 2020 Document Version 1.0 Page 19 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). 3 Roles, Authentication and Services 3.1 Roles and Authentication of Operators to Roles The module supports two roles: Cryptographic Officer (CO) and User. The module supports concurrent operators via the GUI but does not support a maintenance role or any bypass capability. The module enforces the separation of roles using the identity-based operator authentication method as described in section 3.2. The Cryptographic Officer role configures and monitors the module via the GUI, a console or SSH connection. The User role monitors the module via the GUI alone. The user role cannot initialize the module. 3.2 Authentication Methods The module implements two forms of Identity-Based authentication, Username and password over the CLI (Console and SSH) for the CO role and Username and password over the GUI for both the CO and user roles. Password authentication (GUI): The module enforces 6-character passwords (at minimum) chosen from the 96 human readable ASCII characters. Thus, the probability of a successful random attempt is 1/(96^6), which is less than 1/1 million. The passwords must contain at least one lowercase character and one number. The passwords must not repeat or reverse the Login ID, contain more than three repetitive characters or end in a number. Password authentication (Console/SSH i.e. CLI): A password or passphrase can be set for the CO role over the CLI. A valid password should be a mix of upper and lower case letters, digits, and other characters. An 8 character-long password with characters from at least 3 of these 4 classes can be used chosen from the 96 human readable ASCII characters. Thus, the probability of a successful random attempt is 1/(96^8), which is less than 1/1 million. An upper case letter that begins the password and a digit that ends it do not count towards the number of character classes used, unless the "disable_firstupper_lastdigit_check" option is enabled. A passphrase should be of at least 3 words, 16 to 40 characters long, and contain enough different characters, thus enforcing a 48 character-long password at minimum. Thus, the probability of a successful random attempt is 1/(96^48), which is less than 1/1 million. The module enforces a timed access mechanism as follows: For the first two failed attempts (assuming 0 time to process), no timed access is enforced. Upon the third attempt, the module enforces a 5-second delay. Each failed attempt thereafter results in an additional 5-second delay above the previous (e.g. 4 th failed attempt = 10-second delay, 5 th failed attempt = 15-second delay, 6 th failed attempt = 20-second Copyright Juniper, 2020 Document Version 1.0 Page 20 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). delay, 7 th failed attempt = 25-second delay). This leads to a maximum of 7 possible attempts in a one- minute period for each getty. The best approach for the attacker would be to disconnect after 4 failed attempts and wait for a new getty to be spawned. This would allow the attacker to perform roughly 9.6 attempts per minute (576 attempts per hour/60 mins); this would be rounded down to 9 per minute, because there is no such thing as 0.6 attempts. The probability of a success with multiple consecutive attempts in a one-minute period is 9/(96^6), which is less than 1/100,000. 3.3 Approved and Allowed Services All services implemented by the module are listed in the tables below. Table 14lists the access to CSPs by each service. Table 12 – Authenticated Services Service Description CO User Configure security Security relevant configuration X Configure Non-security relevant configuration X X Status Show status X X Zeroize Destroy all CSPs X SSH connect (inbound) Initiate SSH connection for SSH monitoring and control (CLI) of the module X SSH connect (outbound) Initiate SSH connection for SSH monitoring and control of external network devices (CLI) X X Console access Console monitoring and control (CLI) X HTTPS Initiate an HTTPS connection for monitoring and control (GUI) X X SCP Secure copy for backups and recovery X X SNMPv3 Remote monitoring of external network devices X X TLS (Syslog) Used to encrypt syslog messages X X TLS (MySQL, Postgres) Used to encrypt connections/access to the databases X X Remote reset Software initiated reset. Used to perform self-tests on demand. X Load Image Verification and loading of a validated firmware image. X Copyright Juniper, 2020 Document Version 1.0 Page 21 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). Table 13 – Unauthenticated service Service Description Local reset Hardware reset or power cycle Table 14 – CSP Access Rights within Services Servic e CSPs DRBG_Seed DRBG_State Entropy Input String ECDH Shared Secret DH Shared Secret SSH PHK SSH ECDH SSH DH SSH-SEK snmpEngineID SNMPv3 Password SNMPv3 session key HTTPS/TLS Pre- Master secret HTTPS/TLS Master secret HTTPS TLS-SEKs TLS Pre-Master secret TLS Master secret TLS-SEKs TLS RSA private key CO-PW User-PW Config ure securi ty -- E -- G W R G W R G W R -- -- -- W R W R -- W W -- W W -- G W R W W Config ure -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- Status -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- Zeroiz e Z Z Z Z Z Z Z Z Z Z Z Z Z Z Z Z Z Z Z Z Z SSH conne ct (inbou nd) -- E -- E E E G E G E G E -- -- -- -- -- -- -- -- -- -- E -- SSH conne ct (outb ound) -- E -- E E E G E G E G E -- -- -- -- -- -- -- -- -- -- E E Consol e access -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- E -- HTTPS -- E -- E -- -- -- -- -- -- -- -- E E G E E E G E E E E Copyright Juniper, 2020 Document Version 1.0 Page 22 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). SCP -- E -- E E E G E G E G E -- -- -- -- -- -- -- -- -- -- E E SNMP v3 -- -- -- -- -- -- -- -- -- E E G E -- -- -- -- -- -- -- E E TLS v1.2 -- E -- E E -- -- -- -- -- -- -- -- -- -- E E G E E E E Remot e reset G E Z G Z G Z Z Z -- Z Z Z -- -- Z Z Z Z Z Z Z -- -- -- Local reset G E Z G Z G Z Z Z -- Z Z Z -- -- Z Z Z Z Z Z Z -- -- -- Load Image -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- G = Generate: The module generates the CSP R = Read: The CSP is read from the module (e.g. the CSP is output) E = Execute: The module executes using the CSP W = Write: The CSP is updated or written to the module Z = Zeroize: The module zeroizes the CSP. 3.4 Non-Approved Services The following services are available in the non-Approved mode of operation. The security functions provided by the non-Approved services are identical to the Approved counterparts with the exception of SSH Connect (non-compliant). SSH Connect (non-compliant) supports the security functions identified in Section 2.2 and the SSHv2 row of Table 9. Table 15 – Authenticated Services Service Description CO User Configure security (non- compliant) Security relevant configuration X Configure (non- compliant) Non-security relevant configuration X X Status (non- compliant) Show status X X Copyright Juniper, 2020 Document Version 1.0 Page 23 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). Zeroize (non- compliant) Destroy all CSPs X SSH connect (inbound) (non- compliant) Initiate SSH connection for SSH monitoring and control (CLI) of the module X SSH connect (outbound) (non- compliant) Initiate SSH connection for SSH monitoring and control of external network devices (CLI) X X Console access (non-compliant) Console monitoring and control (CLI) X HTTPS (non- compliant) Initiate an HTTPS connection for monitoring and control (GUI) X X SCP (non- compliant) Secure copy for backups and recovery X X SNMPv3 (non- compliant) Remote monitoring of external network devices X X TLS (Syslog) (non- compliant) Used to encrypt syslog messages X X TLS (MySQL, Postgres) (non- compliant) Used to encrypt connections/access to the databases X X Remote reset (non-compliant) Software initiated reset. Used to perform self-tests on demand. X Load Image Verification and loading of a validated firmware image. X Table 16– Unauthenticated service Service Description Local reset (non- compliant) Hardware reset or power cycle Copyright Juniper, 2020 Document Version 1.0 Page 24 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). 4 Self-tests Each time the module is powered up, it tests that the cryptographic algorithms still operate correctly, and that sensitive data have not been damaged. Power-up self–tests are available on demand by power cycling the module. On power-up or reset, the module performs the self-tests described below. All KATs must be completed successfully prior to any other use of cryptography by the module. If one of the KATs fails, the module enters the Critical Failure error state. The module performs the following power-up self-tests: • Firmware Integrity check using HMAC-SHA256 • OpenSSL KATs o SP 800-90A HMAC DRBG KAT ▪ Health-tests initialize, re-seed, and generate o SP 800-90A Hash DRBG KAT ▪ Health-tests initialize, re-seed, and generate o SP 800-90A CTR DRBG KAT ▪ Health-tests initialize, re-seed, and generate o ECDSA Sign/Verify PCT o RSA Sign/Verify KAT o HMAC-SHA-1 KAT o HMAC-SHA-224 KAT o HMAC-SHA-256 KAT o HMAC-SHA-384 KAT o HMAC-SHA-512 KAT o AES-CBC (128/192/256) Encrypt KAT o AES-CBC (128/192/256) Decrypt KAT o AES-CMAC (128/192/256) KAT o AES-GCM (128) KAT o DSA Sign/Verify KAT • Bouncy Castle KATs o AES-ECB (128) Encrypt/Decrypt KAT o SHA-1 KAT o SHA-256 KAT o SP 800-90A Hash DRBG KAT ▪ Health-tests initialize, re-seed, and generate Copyright Juniper, 2020 Document Version 1.0 Page 25 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). o DSA 2048 Sign/Verify KAT o ECDSA P-256 Sign/Verify KAT o RSA 2048 Sign/Verify KAT • NSS o AES-CBC (128) Encrypt KAT o AES-CBC (128) Decrypt KAT o HMAC-SHA-256 KAT o SP 800-90A Hash DRBG KAT ▪ Health-tests initialize, re-seed, and generate o RSA w/ SHA-256 Sign/Verify KAT • Linux Kernel Crypto o AES-CBC (128) Encrypt KAT o AES-CBC (128) Decrypt KAT o SHA-256 KAT o SP 800-90A Hash DRBG KAT ▪ Health-tests initialize, re-seed, and generate The module also performs the following conditional self-tests: • Continuous RNG Test on the SP 800-90A HMAC-DRBG, Hash-DRBG and CTR DRBG for the OpenSSL library and Hash-DRBG for the Bouncy Castle, NSS and Linux Kernel Crypto libraries. • Continuous RNG test on the NDRNG. • Pairwise consistency test when generating DSA, ECDSA, and RSA key pairs. • Firmware Load Test (HMAC-SHA256 signature verification) on the Junos Space platform, as well as a Firmware load test (RSA2 SHA-256 signature verification) on the ND and SD applications. Copyright Juniper, 2020 Document Version 1.0 Page 26 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). 5 Physical Security Policy The modules physical embodiment is that of a multi-chip standalone device that meets the FIPS 140-2 Level 1 physical security requirements. The module is completely enclosed in rectangular, cold rolled steel, plated steel, and brushed aluminum enclosure with a nickel or clear zinc coating. There are no ventilation holes, gaps, slits, cracks, slots, or crevices that would allow for any sort of observation of any component contained within the cryptographic boundary. Copyright Juniper, 2020 Document Version 1.0 Page 27 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). 6 Security Rules and Guidance The module design corresponds to the security rules below. The term must in this context specifically refers to a requirement for correct usage of the module in the Approved mode; all other statements indicate a security rule implemented by the module. 1. The module clears previous authentications on power cycle. 2. When the module has not been placed in a valid role, the operator does not have access to any cryptographic services. 3. Power up self-tests do not require any operator action. 4. Data output is inhibited during key generation, self-tests, zeroization, and error states. 5. Status information does not contain CSPs or sensitive data that if misused could lead to a compromise of the module. 6. There are no restrictions on which keys or CSPs are zeroized by the zeroization service. 7. The module does not support a maintenance interface or role. 8. The module does not support manual key entry. 9. The module does not output intermediate key values. 10. The module does not support output of plaintext CSPs. 11. The cryptographic officer must retain control of the module while zeroization is in process. 12. If the module loses power and then it is restored, then a new key shall be established for use with the AES GCM encryption/decryption processes. 13. The cryptographic officer shall verify that the Junos Space firmware as well as the ND and SD applications which can be loaded on the module are the FIPS validated images. If any non-validated firmware or application is loaded the module will no longer be a FIPS validated module. 14. The cryptographic officer shall verify that the Junos Space Platform is configured as a single Space node i.e. the Junos Space Platform comprising of the full functionality. If any other type of node or multiple nodes in a cluster are configured, the module will no longer be a FIPS validated module. 6.1 Crypto-Officer Guidance The crypto-officer is responsible for installing the firmware on the JA2500 module, configuring the module in FIPS mode and configuring the operator’s usernames and passwords. The crypto-officer shall follow the instructions for uploading/ installing Junos Space, the ND and the SD images provided in the Juniper Networks Junos Space Network Management Platform FIPS Evaluated Configuration Guide for Junos Space, Release 19.1R1 and the Juniper Networks Junos Space Network Management Platform Complete Software Guide, Release 19.1R1 documentation. The steps mentioned therein have been listed as follows: Copyright Juniper, 2020 Document Version 1.0 Page 28 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). 6.1.1 Installing the FIPS-Approved firmware Guide to Download Firmware for Junos Space & the ND/SD Applications from Juniper Networks: 1. Using a Web browser, follow the link to the download URL on the Juniper Networks webpage at https://www.juniper.net/support/downloads/ . 2. Log in to the Juniper Networks website using the username (generally your e-mail address) and password supplied by your Juniper Networks representatives. 3. Select the Software tab under Junos Space Network Management Platform and select “Image for hardware Appliance” 4. Download the appropriate firmware for the Junos Space Platform Release 19.1R1 i.e. firmware version Junos Space 19.1R1_FIPS: space-19.1R1.392364-usb.iso file. 5. Also download the ND and SD images for Release 19.1R1 to a local host or to an internal software distribution site. 6. Verify the checksum of the download with the provided checksum. The SHA256 checksum can be found under “Checksum”. Installing the Junos Space Platform on the JA2500: The cryptographic officer can install the Junos Space Platform firmware on the JA2500 following the steps below: 1. Create a bootable USB drive: 1. Plug the USB to a USB port on a laptop/PC connected to the internet. 2. Create a bootable USB drive using the .iso image file downloaded for the Junos Space Platform using the steps outlined in the section above (Guide to Download Firmware for Junos Space & the ND/SD Applications from Juniper Networks). 2. Plug the USB drive into the USB port of the JA2500 Appliance and power on the appliance. 3. As soon as the appliance starts powering on, press the key that you have mapped to send the DEL character in the terminal emulation utility. In most cases, this would be the Backspace key. If you are successful in accessing the BIOS setup, the boot menu appears after about one minute. 4. Ensure that the USB boot is at the top of the appliance boot priority order. If USB KEY:CBM USB 2.0- (USB 2.0) is not at the top of the list, do the following: a. Use the down arrow to select USB KEY:CBM USB 2.0- (USB 2.0) and use the + key to move the entry to the top of the list. b. Press the F10 key to save your changes and exit the BIOS setup. Copyright Juniper, 2020 Document Version 1.0 Page 29 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). The appliance restarts and uses the new boot order, thereby booting from the USB drive. The boot prompt displays a menu, as follows: • reinstall • rescue-kvm • rescue-serial • local You can use the up and down arrows to move between the options. Press Enter to make your selection. 5. At the boot prompt, type “reinstall” and press Enter. When the reinstallation is complete, the appliance powers down. 6. After the appliance has powered down, remove the USB drive from the appliance. 7. Power on the appliance. Verify that the appliance has booted up with the version of the Junos Space Network Management Platform installed. Once this has completed, the CO can then initialize the module in a FIPS approved mode of operation by following steps in Section 6.1.2 or a non-approved mode of operation following the steps in Section 6.1.3 of this document respectively. Adding a Junos Space Application: The administrator can add a new Junos Space application (Network Director or Security Director) while Junos Space Network Management Platform is still running. This can be done either in the FIPS mode of operation or in the non-FIPS mode of operation. The procedure in either case is as follows: Adding an application to the Junos Space Platform server is a two-step process: 1. Upload the application to the Junos Space Platform installed on the JA2500. 2. Install the uploaded application. Uploading the Junos Space Application To upload a Junos Space application: 1. Ensure that the Junos Space application you want to add is downloaded from the Juniper Networks firmware download site to the local client file system: https://www.juniper.net/support/products/space/#sw 2. Select Administration > Applications and click the Add Application icon. The Add Application page Copyright Juniper, 2020 Document Version 1.0 Page 30 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). appears. If you have not uploaded any applications, the page is blank. 3. Upload the new application by performing one of the following steps: a. Click Upload via HTTP. The Software File dialog box appears. i. Type the name of the application file or click Browse to navigate to where the new Junos Space application file is located on the local file system. ii. Click Upload. This action might take a while. Wait until the application is uploaded. b. Click Upload via SCP. The Upload Software via SCP dialog box appears. Add the Secure Copy credentials to upload the Junos Space Platform application image from a remote server to Junos Space. i. In the Username field, enter your username. ii. In the Password field, enter your password. iii. In the Confirm password field, enter your password again to confirm the password. iv. In the Machine IP field, enter the host IP address. v. In the Software File Path field, enter the path name of the Junos Space application file. For example, /root/.img. vi. Click Upload. This action might take a while. Wait until the application is uploaded. 4. In the Application Management Job Information dialog box, if you click the Job ID link, you see the Add Application job on the Jobs > Job Management inventory page. Wait until the job is completed and ensure that the job is successful. If the upload is successful, then the new application is displayed by application name, filename, version, release level, and the required Junos Space Platform version on the Add Application page. Installing the Uploaded Junos Space Application To install the uploaded application: 1. Select Administration > Applications and click the Add Application icon. Copyright Juniper, 2020 Document Version 1.0 Page 31 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). The Add Application page appears. 2. Select the uploaded application. 3. Click Install to install the application or click Cancel to exit the Add Application page. The Application configuration page appears, displaying a list of server groups to which you can deploy the application. 4. Select a server group to which you want to deploy the application. The default server group is platform to which Junos Space Platform is deployed. If you do not select any server group, the selected application is automatically deployed to the default platform server group. 5. Click OK to proceed. The Application Management Job Information dialog box appears. 6. In the Application Management Job Information dialog box, if you click the Job ID link, you see the Add Application job on the Job Management page. Wait until the application is fully deployed and ensure that the job is successful. If the installation of the application is a failure, then the Summary column for the installation job displays the reason for failure. However, the display of messages depends also on the type and version of the application being installed. 7. If the installation is successful, without logging out of Junos Space Platform, select the application from the Application Chooser list (located at the top-left) to view and begin using its workspaces and tasks. 6.1.2 Enabling FIPS-Approved Mode of Operation The cryptographic officer is responsible for initializing the module in a FIPS-Approved mode of operation. The FIPS-Approved mode of operation is not automatically enabled and can only be enabled during the installation process of Junos Space The cryptographic officer shall follow the steps found in the Juniper Networks Junos Space Network Management Platform FIPS Evaluated Configuration Guide for Junos Space, Release 19.1R1 document to place the module into a FIPS-Approved mode of operation. The steps from the aforementioned document are repeated below: To enable FIPS mode in Junos OS on the module: During the Junos Space initialization, the user will be promoted whether to install the node in FIPS mode or not. If the user chooses FIPS mode, then appropriate configuration changes will be done, Junos Space Copyright Juniper, 2020 Document Version 1.0 Page 32 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). files would be indexed for Post Integrity Tests and the Space server will be rebooted to make the changes reflect. There are two types of nodes for Junos Space, namely the Space and FMPM nodes. The Space node is the Junos Space Platform comprising of the full functionality. Every Junos Space Installation requires at least one Space node. The FMPM node is catered to fault and performance monitoring only. For this validation the Space node i.e. the Junos Space Platform has been tested. The “Do you want to enable FIPS mode” question will be prompted for all types of Space nodes (Space/DB/FMPM) installation. Only a FIPS enabled node can be added in a FIPS enabled setup and only a FIPS disabled node can be added in a FIPS disabled setup. The steps for initializing the module are as follows: 1. Access the console on the JA2500 appliance to view the Junos Space login prompt. 2. At the Junos Space login prompt, type admin as your default login name and press Enter. 3. You are prompted to enter the administrator password. Type abc123 as the default administrator password and press Enter. Junos Space prompts you to change your default password. 4. To change the default password, do the following: • Type the default password and press Enter. • Type your new password and press Enter. • Retype your new password and press Enter. If the password is changed successfully, the following message is displayed. Enter the new password to log in to Junos Space. 5. Type S to install the virtual appliance as a Junos Space node. space-node login:admin Password: passwd: all authentication tokens updated successfully Copyright Juniper, 2020 Document Version 1.0 Page 33 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). 6. After setting the general network settings, the module provides the option to enable the FIPS mode of operation: Note: Enabling FIPS mode is a one-time activity and it can be done only at the installation. Do you want to enable FIPS mode of Space installation? [y/N] y . . . Entering “y” above will enable the FIPS mode of operation on the module. 7. Once all the required settings have been selected, a summary of the same is printed by the module on the CLI which indicates the following: > FIPS mode is enabled A> Apply settings C> Change settings Q> Quit and set up later R> Redraw Menu . . . FIPS mode enabled successfully. Node will be rebooted in 2 minutes 8. The CO can verify that the FIPS mode has been enabled as follows: • CLI: FIPS mode status is stored in the file - /etc/sysconfig/JunosSpace/jmp-fips, if it contains zero value/empty then the node is running in Non-FIPS mode. A value of one (1) is indicative of the FIPS Approved mode of operation. This Junos Space node can be installed as one of the following: (S)pace Platform Full functionality. Every Junos Space Installation requires at least one Space node. (F)MPM Specialized to fault and performance monitoring only. This requires at least one Space node. Choose the type of node to be installed [S/F] S Copyright Juniper, 2020 Document Version 1.0 Page 34 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). Junos Space FIPS mode will be shown in SSH Banner message as below [vignesh@vignesh Desktop]$ ssh admin@10.1.2.198 Space release 19.1R1.391908 (391908) admin@10.1.2.198 's password: • GUI: Junos Space FIPS mode will be shown on the GUI in the following places. 1. Junos Space Logo in Login/Logout screens 2. Junos Space Icon in top left corner of GUI 3. Help -> About page. Copyright Juniper, 2020 Document Version 1.0 Page 35 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). • JVM(Jboss): FIPS mode can be verified by the CO role from the java system property 'FIPSMode' via the CLI. The value would be true when Junos Space is installed in FIPS mode. Adding ND/SD Applications to Junos Space in the FIPS mode: Enabling FIPS mode of operation on the Junos Space platform, automatically enables FIPS mode on the ND and SD applications when they are installed on the Junos Space platform. The steps for adding the ND and/or SD applications to the Junos Space platform are as outlined in section 6.1.1 (Adding a Junos Space Application) above. 6.1.3 Placing the Module in a Non-Approved Mode of Operation As cryptographic officer, the operator may need to place the module from the FIPS-Approved mode of operation to a non-Approved mode of operation by zeroizing the module. Follow the steps found in section 1.3 to zeroize the module. Once the zeroization process has been completed, the operator as the CO can then do the following so as to initialize the module in a non-Approved mode of operation: During the Junos Space initialization, user will be prompted whether to install the node in FIPS mode or not. If the user does not choose the FIPS mode, then the non-approved mode of operation will be enabled. There are two types of nodes for Junos Space, namely the Space and FMPM nodes. The Space node is the Junos Space Platform comprising of the full functionality. Every Junos Space Installation requires at least Copyright Juniper, 2020 Document Version 1.0 Page 36 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). one Space node. The FMPM node is catered to fault and performance monitoring only. For this validation the Space node i.e. the Junos Space Platform has been tested. The “Do you want to enable FIPS mode” question will be prompted for all types of Space nodes installation. To enable the non-approved mode of operation: 1. Follow Steps 1 through 5 outlined in Section 6.1.2 of this document. 2. Select the “N” option as below: Do you want to enable FIPS mode of Space installation? [y/N]: N You have chosen for fresh installation, FIPS mode will not be enabled. Do you want to still proceed with Space normal mode installation? [y/N]: N Normal mode Installation Continued...! 3. Once all the required settings have been selected, a summary of the same is printed by the module on the CLI which indicates does not have the “FIPS mode is enabled” entry thus indicating that the non- approved mode of operation has been enabled. 4. The CO can verify that the non-FIPS mode has been enabled as follows: • CLI: FIPS mode status is stored in the file - /etc/sysconfig/JunosSpace/jmp-fips, if it contains zero value/empty then the node is running in Non-FIPS mode. • SSH: Junos Space non-FIPS mode can be verified from the SSH Banner message as below, the lack of the “(FIPS)” identifier indicates that it is in a non-FIPS mode of operation: [vignesh@vignesh Desktop]$ ssh admin@10.1.2.198 Space release 19.1R1.391908 (391908) admin@10.1.2.198 's password: • GUI: Junos Space non-FIPS mode will be indicated in the GUI in the following places, the lack of the “(FIPS)” identifier indicates that it is in a non-FIPS mode of operation: o Junos Space Logo in Login/Logout screens Copyright Juniper, 2020 Document Version 1.0 Page 37 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). o Junos Space Icon in top left corner of GUI o Help -> About page. Copyright Juniper, 2020 Document Version 1.0 Page 38 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). • JVM(Jboss): FIPS mode can be verified by the CO from the java system property 'FIPSMode' via the CLI. The value would be false when Junos Space is installed in the non-FIPS mode. Adding ND/SD Applications to Junos Space in the non-FIPS mode: Not enabling the FIPS mode of operation on the Junos Space platform, automatically initializes the ND and SD applications in the non-FIPS mode when they are installed on the Junos Space platform. The steps for adding the ND and/or SD applications to the Junos Space platform are as outlined in section 6.1.1 (Adding a Junos Space Application) above. Copyright Juniper, 2020 Document Version 1.0 Page 39 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). 7 References and Definitions The following standards are referred to in this Security Policy. Table 17 – References Abbreviation Full Specification Name [FIPS140-2] Security Requirements for Cryptographic Module, May 25, 2001 [SP800-131A] Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths, January 2011 [IG] Implementation Guidance for FIPS PUB 140-2 and the Cryptographic Module Validation Program [135] National Institute of Standards and Technology, Recommendation for Existing Application-Specific Key Derivation Functions, Special Publication 800-135rev1, December 2011. [186] National Institute of Standards and Technology, Digital Signature Standard (DSS), Federal Information Processing Standards Publication 186-4, July, 2013. [197] National Institute of Standards and Technology, Advanced Encryption Standard (AES), Federal Information Processing Standards Publication 197, November 26, 2001 [38A] National Institute of Standards and Technology, Recommendation for Block Cipher Modes of Operation, Methods and Techniques, Special Publication 800-38A, December 2001 [38D] National Institute of Standards and Technology, Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC, Special Publication 800- 38D, November 2007 [198] National Institute of Standards and Technology, The Keyed-Hash Message Authentication Code (HMAC), Federal Information Processing Standards Publication 198- 1, July, 2008 [180] National Institute of Standards and Technology, Secure Hash Standard, Federal Information Processing Standards Publication 180-4, August, 2015 [90A] National Institute of Standards and Technology, Recommendation for Random Number Generation Using Deterministic Random Bit Generators, Special Publication 800-90A, June 2015. Copyright Juniper, 2020 Document Version 1.0 Page 40 of 40 Juniper Networks Public Material – May be reproduced only in its original entirety (without revision). Table 18 – Acronyms and Definitions Acronym Definition AEAD Authenticated Encryption with Associated Data AES Advanced Encryption Standard DH Diffie-Hellman DSA Digital Signature Algorithm ECDH Elliptic Curve Diffie-Hellman ECDSA Elliptic Curve Digital Signature Algorithm EMC Electromagnetic Compatibility ESP Encapsulating Security Payload FIPS Federal Information Processing Standard HMAC Keyed-Hash Message Authentication Code IKE Internet Key Exchange Protocol IPsec Internet Protocol Security MD5 Message Digest 5 RSA Public-key encryption technology developed by RSA Data Security, Inc. SHA Secure Hash Algorithms SSH Secure Shell Table 19 – Datasheets Model Title URL Junos Space Junos Space https://www.juniper.net/us/en/local/pdf/datasheets/1000297-en.pdf Network Director Junos Space Network Director https://www.juniper.net/assets/us/en/local/pdf/datasheets/1000428- en.pdf Security Director Junos Space Security Director https://www.juniper.net/assets/us/en/local/pdf/datasheets/1000332- en.pdf