This page was not yet optimized for use on mobile
devices.
Juniper Networks SRX300, SRX340, SRX345, SRX550-M, SRX5400, SRX5600 and SRX5800 Services Gateways with Junos 17.4R1-S1
Certificate #3540
Webpage information
Security policy
Symmetric Algorithms
AES, CAST, Triple-DES, TDEA, Blowfish, HMAC, HMAC-SHA-256Asymmetric Algorithms
RSA 4096, RSA 2048, ECDSA, Diffie-Hellman, DH, DSAHash functions
SHA-1, SHA-256, SHA-384, SHA-512, MD5Schemes
MAC, Key Exchange, Key agreement, AEADProtocols
SSH, SSHv2, SSL, IKE, IKEv2, IKEv1, IPsecRandomness
DRBG, RNGLibraries
OpenSSLElliptic Curves
P-256, P-384Block cipher modes
CBC, CTR, GCMSecurity level
Level 2, Level 1, level 2Side-channel analysis
malfunctionStandards
FIPS 140-2, FIPS 186-4, FIPS 186-2, FIPS140-2, FIPS PUB 140-2, SP 800-133, SP 800-90A, RFC 2409, RFC7296, RFC 7296, RFC5282, RFC4106, X.509File metadata
| Title | Microsoft Word - Junos 17.4R1 FIPS Security Policy (Level 2) 1.4.docx |
|---|---|
| Author | Dpitcher |
| Creation date | D:20190925151626+10'00' |
| Modification date | D:20190925151626+10'00' |
| Pages | 53 |
| Producer | Microsoft: Print To PDF |
Heuristics
No heuristics are available for this certificate.
References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 3540,
"dgst": "1df8153c919b0474",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"KTS#3534",
"ECDSA#1422",
"AES#5334",
"RSA#2897",
"Triple-DES#2705",
"CVL#1848",
"RSA#2894",
"HMAC#3534",
"RSA#2895",
"ECDSA#1437",
"SHS#4320",
"DRBG#2060",
"ECDSA#1435",
"KTS#2713",
"HMAC#3544",
"Triple-DES#2694",
"Triple-DES#2713",
"ECDSA#1438",
"AES#5336",
"SHS#4287",
"SHS#4298",
"Triple-DES#2697",
"SHS#4285",
"AES#5337",
"SHS#4284",
"HMAC#3531",
"KTS#3567",
"ECDSA#1436",
"AES#5335",
"AES#5347",
"Triple-DES#2695",
"RSA#2896",
"AES#5386",
"HMAC#3530",
"CVL#1799",
"SHS#4288",
"HMAC#3567",
"Triple-DES#2696",
"KTS#2697",
"SHS#4286",
"RSA#2880",
"HMAC#3532"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"17.4"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECDSA": {
"ECDSA": 27
}
},
"FF": {
"DH": {
"DH": 3,
"Diffie-Hellman": 33
},
"DSA": {
"DSA": 2
}
},
"RSA": {
"RSA 2048": 8,
"RSA 4096": 2
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 8
},
"CTR": {
"CTR": 2
},
"GCM": {
"GCM": 8
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 5
}
},
"crypto_protocol": {
"IKE": {
"IKE": 23,
"IKEv1": 7,
"IKEv2": 10
},
"IPsec": {
"IPsec": 20
},
"SSH": {
"SSH": 36,
"SSHv2": 4
},
"TLS": {
"SSL": {
"SSL": 1
}
}
},
"crypto_scheme": {
"AEAD": {
"AEAD": 2
},
"KA": {
"Key agreement": 2
},
"KEX": {
"Key Exchange": 2
},
"MAC": {
"MAC": 1
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-256": 58,
"P-384": 38
}
},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#1422": 1,
"#1435": 1,
"#1436": 1,
"#1437": 1,
"#1438": 1,
"#1799": 1,
"#1848": 1,
"#2060": 1,
"#2694": 1,
"#2695": 1,
"#2696": 1,
"#2697": 2,
"#2705": 1,
"#2713": 2,
"#2880": 1,
"#2894": 1,
"#2895": 1,
"#2896": 1,
"#2897": 1,
"#3530": 1,
"#3531": 1,
"#3532": 1,
"#3534": 3,
"#3544": 1,
"#3567": 3,
"#4284": 1,
"#4285": 1,
"#4286": 1,
"#4287": 1,
"#4288": 1,
"#4298": 1,
"#4320": 1,
"#5334": 1,
"#5335": 1,
"#5336": 1,
"#5337": 2,
"#5347": 1,
"#5386": 2
}
},
"fips_certlike": {
"Certlike": {
"#1799 CVL": 1,
"#1848 CVL": 1,
"#2060 DRBG": 1,
"#2880 RSA": 1,
"#2897 RSA": 1,
"#3530 HMAC": 1,
"#3534 HMAC": 1,
"#3567 HMAC": 1,
"#4284 SHS": 1,
"#4287 SHS": 1,
"#4288 SHS": 1,
"#4320 SHS": 1,
"#5334 AES": 1,
"#5337 AES": 1,
"#5386 AES": 1,
"AES CBC 128/192/256": 5,
"AES Cert. #5337": 1,
"AES Cert. #5386": 1,
"AES [197": 3,
"HMAC Cert. #3534": 4,
"HMAC Cert. #3567": 4,
"HMAC SHA-256": 1,
"HMAC [198": 3,
"HMAC-SHA-1": 6,
"HMAC-SHA-1-96": 2,
"HMAC-SHA-256": 2,
"HMAC-SHA-512": 2,
"RSA 2048": 8,
"RSA 4096": 2,
"SHA 1, 256": 1,
"SHA 256": 13,
"SHA-1": 4,
"SHA-2-512": 1,
"SHA-256": 15,
"SHA-384": 2,
"SHA-512": 2,
"SHS [180": 4
}
},
"fips_security_level": {
"Level": {
"Level 1": 1,
"Level 2": 2,
"level 2": 1
}
},
"hash_function": {
"MD": {
"MD5": {
"MD5": 1
}
},
"SHA": {
"SHA1": {
"SHA-1": 4
},
"SHA2": {
"SHA-256": 17,
"SHA-384": 1,
"SHA-512": 2
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 7
},
"RNG": {
"RNG": 3
}
},
"side_channel_analysis": {
"FI": {
"malfunction": 2
}
},
"standard_id": {
"FIPS": {
"FIPS 140-2": 11,
"FIPS 186-2": 2,
"FIPS 186-4": 2,
"FIPS PUB 140-2": 1,
"FIPS140-2": 1
},
"NIST": {
"SP 800-133": 2,
"SP 800-90A": 2
},
"RFC": {
"RFC 2409": 2,
"RFC 7296": 2,
"RFC4106": 1,
"RFC5282": 1,
"RFC7296": 1
},
"X509": {
"X.509": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 20
},
"CAST": {
"CAST": 1
}
},
"DES": {
"3DES": {
"TDEA": 1,
"Triple-DES": 24
}
},
"constructions": {
"MAC": {
"HMAC": 14,
"HMAC-SHA-256": 2
}
},
"miscellaneous": {
"Blowfish": {
"Blowfish": 1
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Dpitcher",
"/CreationDate": "D:20190925151626+10\u002700\u0027",
"/ModDate": "D:20190925151626+10\u002700\u0027",
"/Producer": "Microsoft: Print To PDF",
"/Title": "Microsoft Word - Junos 17.4R1 FIPS Security Policy (Level 2) 1.4.docx",
"pdf_file_size_bytes": 3065163,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 53
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_json_hash": null,
"policy_pdf_hash": "28dd2d48665b7cbd3b393e44583c38f95d19afdfca1e3ad270daffcba7eec249",
"policy_txt_hash": "0c992f24d61ece6faba76c36c9c6bc1066794b11744a0c30dbbd288d68abd8b8"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode and with tamper-evident seals installed as indicated in the Security Policy",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/SeptConsolidated.pdf",
"date_sunset": null,
"description": "The Juniper Networks SRX Series Services Gateways are a series of secure routers that provide essential capabilities to connect, secure, and manage work force locations sized from handfuls to hundreds of users. By consolidating fast, highly available switching, routing, security, and applications capabilities in a single device, enterprises can economically deliver new services, safe connectivity, and a satisfying end user experience.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Roles, Services, and Authentication: Level 3",
"Design Assurance: Level 3",
"Mitigation of Other Attacks: N/A"
],
"fw_versions": "JUNOS 17.4R1-S1",
"historical_reason": "SP 800-56Arev3 transition",
"hw_versions": "SRX300, SRX340, SRX345, SRX550-M, SRX5400, SRX5600 and SRX5800 with JNPR-FIPS-TAMPER-LBLS",
"level": 2,
"mentioned_certs": {},
"module_name": "Juniper Networks SRX300, SRX340, SRX345, SRX550-M, SRX5400, SRX5600 and SRX5800 Services Gateways with Junos 17.4R1-S1",
"module_type": "Hardware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "historical",
"sw_versions": null,
"tested_conf": null,
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2019-09-30",
"lab": "BAE SYSTEMS APPLIED INTELLIGENCE",
"validation_type": "Initial"
}
],
"vendor": "Juniper Networks, Inc.",
"vendor_url": "http://www.juniper.net"
}
}