This page was not yet optimized for use on mobile devices.

SonicWALL TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W, TZ570P, TZ670, NSa 2700 and NSa 3700

Certificate #4162

Webpage information

Status	active
Validation dates	22.02.2022
Sunset date	21-09-2026
Standard	FIPS 140-2
Security level	2
Type	Hardware
Embodiment	Multi-Chip Stand Alone
Caveat	When operated in FIPS mode
Exceptions	Roles, Services, and Authentication: Level 3 Design Assurance: Level 3 Mitigation of Other Attacks: N/A
Description	The SonicWall family of firewalls tightly integrates intrusion prevention, malware protection, Application Intelligence and Control with real-time Visualization. SonicWALL Reassembly-Free Deep Packet Inspection engine scans 100% of traffic and massively scales to meet needs of the most high-performance networks.
Version (Hardware)	101-500665-50 (TZ270), 101-500666-50 (TZ270W), 101-500649-50 (TZ370), 101-500648-50 (TZ370W), 101-500643-50 (TZ470), 101-500629-50 (TZ470W), 101-500594-51 (TZ570), 101-500593-51 (TZ570W), 101-500640-50 (TZ570P), 101-500592-51 (TZ670), 101-500661-50 (NSa 2700), 101-500663-50 (NSa 3700)
Version (Firmware)	SonicOS 7.0
Vendor	SonicWall, Inc.
References	This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.

Certificate

Webpage

Security policy

Security target PDF TXT

Symmetric Algorithms

AES, DES, Triple-DES, TDEA, HMAC, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512, CMAC

Asymmetric Algorithms

RSA 2048, ECDH, ECDSA, DH, Diffie-Hellman, DSA

Hash functions

SHA-1, SHA-256, SHA-384, SHA-512, SHA-3, MD5, PBKDF

Schemes

Key Exchange, Key Agreement

Protocols

SSH, SSL, TLS, TLS v1.2, TLS 1.0, TLS 1.3, TLS 1.2, IKE, IKEv1, IKEv2, IPsec, VPN

Randomness

DRBG

Elliptic Curves

P-256, P-384, P-224, P-521, P-192

Block cipher modes

CBC, CTR, GCM, CCM

TLS cipher suites

TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

Security level

Level 2

Certification process

out of scope, service. Any other firmware version that is not listed in the module certificate is considered out of scope and requires separate FIPS 140-2 certificate. 9 MD5 (no security claimed) and keys derived from the

Standards

FIPS 140-2, FIPS140-2, FIPS PUB 140-2, FIPS PUB 202, SP 800-135, SP 800-90A, RFC 5288, RFC 5246, RFC 8446

File metadata

Subject	FIPS 140-2 Security Policy Template
Author	Usha Sanagala
Creation date	D:20220217112158-05'00'
Modification date	D:20220217112158-05'00'
Pages	44
Creator	Microsoft® Word for Microsoft 365
Producer	Microsoft® Word for Microsoft 365

Heuristics

Automated inference - use with caution

All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.

CPE matches

References

No references are available for this certificate.

Updates Feed

15.12.2025

The certificate data changed.
Certificate changed

The state was updated.

The following values were inserted: {'policy_json_hash': None}.

The following properties were deleted: ['policy_convert_garbage'].
08.09.2025

The certificate data changed.
Certificate changed

The web extraction data was updated.

The validation_history property was updated.
09.02.2023

The certificate data changed.
Certificate changed

The cert_id was updated.

The new value is 4162.

The web extraction data was updated.

The following values were inserted: {'validation_history': [{'_type': 'sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry', 'date': '2022-02-22', 'validation_type': 'Initial', 'lab': 'ACUMEN SECURITY, LLC'}], 'vendor_url': 'https://www.sonicwall.com/', 'certificate_pdf_url': 'https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/February 2022_010322_0121_Signed.pdf', 'hw_versions': '101-500665-50 (TZ270), 101-500666-50 (TZ270W), 101-500649-50 (TZ370), 101-500648-50 (TZ370W), 101-500643-50 (TZ470), 101-500629-50 (TZ470W), 101-500594-51 (TZ570), 101-500593-51 (TZ570W), 101-500640-50 (TZ570P), 101-500592-51 (TZ670), 101-500661-50 (NSa 2700), 101-500663-50 (NSa 3700)', 'fw_versions': 'SonicOS 7.0'}.

The standard property was set to FIPS 140-2.

The status property was set to active.

The level property was set to 2.

The embodiment property was set to Multi-Chip Stand Alone.

The tested_conf property was set to None.

The following properties were deleted: ['date_validation', 'algorithms', 'vendor_www', 'lab', 'lab_nvlap', 'security_policy_www', 'certificate_www', 'hw_version', 'fw_version', 'product_url'].

The PDF extraction data was updated.

The following values were inserted: {'policy_metadata': {'pdf_file_size_bytes': 993044, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 44, '/Author': 'Usha Sanagala', '/Subject': 'FIPS 140-2 Security Policy Template', '/Creator': 'Microsoft® Word for Microsoft 365', '/CreationDate': "D:20220217112158-05'00'", '/ModDate': "D:20220217112158-05'00'", '/Producer': 'Microsoft® Word for Microsoft 365', 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}}.

The following properties were deleted: ['cert_id', 'algorithms', 'clean_cert_ids', 'st_metadata'].

The computed heuristics were updated.

The following values were inserted: {'policy_prunned_references': {'_type': 'Set', 'elements': []}, 'module_prunned_references': {'_type': 'Set', 'elements': []}, 'policy_processed_references': {'_type': 'sec_certs.sample.certificate.References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}, 'module_processed_references': {'_type': 'sec_certs.sample.certificate.References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}, 'direct_transitive_cves': None, 'indirect_transitive_cves': None}.

The algorithms property was set to {'_type': 'Set', 'elements': ['SHS#C1861', 'DRBG#C1861', 'CVL#C1861', 'KTS#C1861', 'ECDSA#C1861', 'AES#C1861', 'RSA#C1861', 'HMAC#C1861']}.

The following properties were deleted: ['keywords', 'unmatched_algs', 'clean_cert_ids', 'st_references', 'web_references'].

The state was updated.

The following values were inserted: {'module_download_ok': True, 'policy_download_ok': True, 'policy_convert_garbage': False, 'policy_convert_ok': True, 'module_extract_ok': True, 'policy_extract_ok': True, 'policy_pdf_hash': '3da12f6fa7d49759d8d5349a55b836d59cfdb407b332f2ffefc616bbeed61883', 'policy_txt_hash': '9a9cf7323a50445b0ffd97146f8301a0c2c03ead2a7aacb19dcf85ad175a2c24'}.

The following properties were deleted: ['sp_path', 'html_path', 'tables_done', 'file_status', 'txt_state'].
05.11.2022

The certificate data changed.
Certificate changed

The web extraction data was updated.

The algorithms property was set to {'_type': 'Set', 'elements': []}.

The computed heuristics were updated.

The algorithms property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#C1861', 'algorithm_type': 'ECDSA', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#C1861', 'algorithm_type': 'RSA', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#C1861', 'algorithm_type': 'SHS', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#C1861', 'algorithm_type': 'DRBG', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#C1861', 'algorithm_type': 'HMAC', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#C1861', 'algorithm_type': 'CVL', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#C1861', 'algorithm_type': 'KTS', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#C1861', 'algorithm_type': 'AES', 'vendor': None, 'implementation': None, 'date': None}]} values discarded.
25.10.2022

The certificate data changed.
Certificate changed

The PDF extraction data was updated.

The keywords property was updated, with the {'fips_certlike': {'__update__': {'Certlike': {'__update__': {'HMAC-SHA-256': 4, 'HMAC-SHA-384': 4, 'HMAC-SHA-512': 4, 'SHA-256': 6, 'SHA-384': 4, 'SHA-512': 3, 'RSA 2048': 4}, '__delete__': ['HMAC-SHA-1/256', 'SHS [180', 'SHA256', 'SHA384', 'SHA-1/256', 'PKCS1', 'AES GCM 128', 'Diffie-Hellman 2048', 'DRBG [90', 'DSA [186']}}}, 'symmetric_crypto': {'__update__': {'AES_competition': {'__update__': {'AES': {'__update__': {'AES': 14}, '__delete__': ['AES-']}}}, 'DES': {'__update__': {'DES': {'__update__': {'DES': 1}, '__delete__': ['DEA']}, '3DES': {'__delete__': ['TDES']}}}, 'constructions': {'__update__': {'MAC': {'__update__': {'HMAC': 5, 'HMAC-SHA-256': 2, 'HMAC-SHA-384': 2, 'HMAC-SHA-512': 2}}}}}}, 'asymmetric_crypto': {'__update__': {'RSA': {'__update__': {'RSA 2048': 4}}, 'ECC': {'__update__': {'ECDH': {'__update__': {'ECDH': 2}, '__delete__': ['ECDHE']}, 'ECDSA': {'__update__': {'ECDSA': 13}}}}, 'FF': {'__update__': {'DH': {'__update__': {'DH': 12, 'Diffie-Hellman': 9}, '__delete__': ['DHE']}, 'DSA': {'__update__': {'DSA': 3}}}}}}, 'hash_function': {'__update__': {'SHA': {'__update__': {'SHA1': {'__update__': {'SHA-1': 9}}, 'SHA2': {'__update__': {'SHA-256': 7, 'SHA-384': 3, 'SHA-512': 4}, '__delete__': ['SHA256', 'SHA384', 'SHA-2', 'SHA2']}, 'SHA3': {'__update__': {'SHA-3': 1}, '__delete__': ['SHA3']}}}}}, 'crypto_scheme': {'__update__': {'KA': {'__delete__': ['KA']}}, '__delete__': ['MAC']}, 'crypto_protocol': {'__update__': {'SSH': {'__update__': {'SSH': 6}}, 'TLS': {'__update__': {'TLS': {'__update__': {'TLS': 23, 'TLS 1.3': 4}}}}}}, 'randomness': {'__update__': {'PRNG': {'__update__': {'DRBG': 19}}}, '__delete__': ['RNG']}, 'cipher_mode': {'__update__': {'CBC': {'__update__': {'CBC': 10}}, 'GCM': {'__update__': {'GCM': 6}}}}, 'ecc_curve': {'__update__': {'NIST': {'__update__': {'P-256': 26, 'P-384': 18, 'P-521': 18}}}}, 'tls_cipher_suite': {'__update__': {'TLS': {'__delete__': ['TLS_RSA_WITH_AES_256_CBC_SHA', 'TLS_RSA_WITH_AES_256_CBC_SHA256', 'TLS_RSA_WITH_AES_256_GCM_SHA384', 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA', 'TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384', 'TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384']}}}, 'tee_name': {}, 'standard_id': {'__update__': {'NIST': {'SP 800-135': 1, 'SP 800-90A': 5}, 'RFC': {'RFC 5288': 1, 'RFC 5246': 1, 'RFC 8446': 1}}, '__delete__': ['PKCS']}, 'certification_process': {'__update__': {'OutOfScope': {'__insert__': {'service. Any other firmware version that is not listed in the module certificate is considered out of scope and requires separate FIPS 140-2 certificate. 9 MD5 (no security claimed) and keys derived from the': 1}, '__delete__': [' Any other firmware version that is not listed in the module certificate is considered out of scope and requires separate FIPS 140-2 certificate', 'load service. Any other firmware version that is not listed in the module certificate is considered out of scope and requires separate FIPS 140-2 certificate. 9 MD5 (no security claimed) and keys derived from the']}}}} data.

The algorithms property was set to {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '8', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '12', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 1536', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 512', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 3072', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '135', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '180', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '521', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '2', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '133', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '1', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '3', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' C1861', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 2048', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '38', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '56', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 5', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '197', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 1024', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '256', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 384', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 192', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '512', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '186', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 800', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 112', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 128', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '384', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 6', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 256', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '800', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 14', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '4', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '5', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '\nC1861', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}]}.

The clean_cert_ids property was set to {}.

The computed heuristics were updated.

The algorithms property was updated, with the {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '8', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '12', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 1536', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 512', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 3072', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '135', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '180', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '521', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '2', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '133', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '1', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '3', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' C1861', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 2048', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '38', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '56', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 5', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '197', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 1024', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '256', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 384', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 192', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '512', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '186', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 800', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 112', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 128', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '384', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 6', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 256', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '800', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': ' 14', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '4', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '5', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '\nC1861', 'algorithm_type': None, 'vendor': None, 'implementation': None, 'date': None}]} values added.

The state was updated.

The tables_done property was set to True.
10.10.2022

The certificate data changed.
Certificate changed

The computed heuristics were updated.

The cpe_matches property was updated, with the {'_type': 'Set', 'elements': ['cpe:2.3:h:sonicwall:nsa2700:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sonicwall:nsa3700:-:*:*:*:*:*:*:*']} values discarded.
08.10.2022

The certificate data changed.
Certificate changed

The PDF extraction data was updated.

The keywords property was updated, with the {'crypto_protocol': {'__insert__': {'VPN': {'VPN': 34}}}, 'certification_process': {'__update__': {'OutOfScope': {'__insert__': {' Any other firmware version that is not listed in the module certificate is considered out of scope and requires separate FIPS 140-2 certificate': 1}, '__delete__': ['. Any other firmware version that is not listed in the module certificate is considered out of scope and requires separate FIPS 140-2 certificate']}}}} data.
17.07.2022

The certificate data changed.
Certificate changed

The _type was updated.

The new value is sec_certs.sample.fips.FIPSCertificate.

The computed heuristics were updated.

The following values were inserted: {'clean_cert_ids': {}}.

The _type property was set to sec_certs.sample.fips.FIPSCertificate.Heuristics.

The keywords property was set to {}.

The algorithms property was set to {'_type': 'Set', 'elements': [{'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#C1861', 'algorithm_type': 'ECDSA', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#C1861', 'algorithm_type': 'RSA', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#C1861', 'algorithm_type': 'SHS', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#C1861', 'algorithm_type': 'DRBG', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#C1861', 'algorithm_type': 'CVL', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#C1861', 'algorithm_type': 'HMAC', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#C1861', 'algorithm_type': 'KTS', 'vendor': None, 'implementation': None, 'date': None}, {'_type': 'sec_certs.sample.fips_algorithm.FIPSAlgorithm', 'cert_id': '#C1861', 'algorithm_type': 'AES', 'vendor': None, 'implementation': None, 'date': None}]}.

The st_references property was updated, with the {'_type': 'sec_certs.sample.certificate.References'} data.

The web_references property was updated, with the {'_type': 'sec_certs.sample.certificate.References'} data.

The state was updated.

The _type property was set to sec_certs.sample.fips.FIPSCertificate.InternalState.

The following properties were deleted: ['fragment_path'].
14.06.2022

The certificate data changed.
Certificate changed

The pdf_scan was updated.

The keywords property was updated, with the {'rules_standard_id': {'__update__': {'FIPS ?(?:PUB )?[0-9]+-[0-9]+?': {'__update__': {'FIPS 140-2': {'__update__': {'count': 1}}}, '__delete__': ['FIPS140-2', 'FIPS PUB 140-2']}, 'RFC[ ]*[0-9]+?': {'__delete__': ['RFC 5288', 'RFC 5246']}, 'RFC [0-9]+': {'__delete__': ['RFC 5288', 'RFC 5246']}}}, 'rules_block_cipher_modes': {'__insert__': {'CCM': {'CCM': {'count': 1}}}, '__update__': {'CBC': {'__update__': {'CBC': {'__update__': {'count': 1}}}}, 'GCM': {'__update__': {'GCM': {'__update__': {'count': 1}}}}}}, 'rules_ecc_curves': {'__insert__': {'(NIST)? ?[PBK]-[0-9]{3}': {'P-256': {'count': 1}}}, '__update__': {'(?:Curve |curve |)P-(192|224|256|384|521)': {'__update__': {'P-256': {'__update__': {'count': 1}}}, '__delete__': ['P-384', 'P-224', 'P-521', 'P-192']}}}} data.

The computed heuristics were updated.

The keywords property was updated, with the {'rules_standard_id': {'__update__': {'FIPS ?(?:PUB )?[0-9]+-[0-9]+?': {'__update__': {'FIPS 140-2': {'__update__': {'count': 1}}}, '__delete__': ['FIPS140-2', 'FIPS PUB 140-2']}, 'RFC[ ]*[0-9]+?': {'__delete__': ['RFC 5288', 'RFC 5246']}, 'RFC [0-9]+': {'__delete__': ['RFC 5288', 'RFC 5246']}}}, 'rules_block_cipher_modes': {'__insert__': {'CCM': {'CCM': {'count': 1}}}, '__update__': {'CBC': {'__update__': {'CBC': {'__update__': {'count': 1}}}}, 'GCM': {'__update__': {'GCM': {'__update__': {'count': 1}}}}}}, 'rules_ecc_curves': {'__insert__': {'(NIST)? ?[PBK]-[0-9]{3}': {'P-256': {'count': 1}}}, '__update__': {'(?:Curve |curve |)P-(192|224|256|384|521)': {'__update__': {'P-256': {'__update__': {'count': 1}}}, '__delete__': ['P-384', 'P-224', 'P-521', 'P-192']}}}} data.
17.05.2022

The certificate data changed.
Certificate changed

The computed heuristics were updated.

The cpe_matches property was updated, with the {'_type': 'Set', 'elements': ['cpe:2.3:h:sonicwall:nsa2700:-:*:*:*:*:*:*:*', 'cpe:2.3:h:sonicwall:nsa3700:-:*:*:*:*:*:*:*']} values added.
08.03.2022

The certificate data changed.
Certificate changed

The web_scan was updated.

The following properties were deleted: ['connections'].

The pdf_scan was updated.

The following properties were deleted: ['connections'].

The computed heuristics were updated.

The following values were inserted: {'st_references': {'_type': 'References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}, 'web_references': {'_type': 'References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}}.

The following properties were deleted: ['connections', 'directly_affected_by', 'indirectly_affected_by', 'directly_affecting', 'indirectly_affecting'].
03.03.2022

The certificate data changed.
Certificate changed

The web_scan was updated.

The certificate_www property was set to https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/February 2022_010322_0121_Signed.pdf.
26.02.2022

The certificate data changed.
Certificate changed

The pdf_scan was updated.

The keywords property was set to {'rules_fips_algorithms': {'HMAC(?:[- –]*SHA)?(?:[- –]*1)?[– -]*((?:;|\\/|160|224|256|384|512)?(?:;|\\/| |[Dd]ecrypt|[Ee]ncrypt|KAT)*?[, ]*?\\(?(?: |hardware|firmware)*?[\\s(\\[]*?(?:#|cert\\.?|Cert\\.?|Certificate|sample)?[\\s#]*?)?[\\s#]*?(\\d{3})(?:[\\s#]*and[\\s#]*\\d+)?': {'HMAC [198': {'count': 1}, 'HMAC-SHA-256': {'count': 5}, 'HMAC-SHA-384': {'count': 5}, 'HMAC-SHA-512': {'count': 5}, 'HMAC-SHA-1/256': {'count': 1}}, 'HMAC(?:[- –]*SHA)?(?:[- –]*1)?[– -]*((?:;|\\/|160|224|256|384|512)?(?:;|\\/| |[Dd]ecrypt|[Ee]ncrypt|KAT)*?[, ]*?\\(?(?: |hardware|firmware)*?[\\s(\\[]*?(?:#|cert\\.?|Cert\\.?|Certificate|sample)?[\\s#]*?)?[\\s#]*?(\\d{1})(?:[\\s#]*and[\\s#]*\\d+)?': {'HMAC SHA(1': {'count': 1}}, 'SH[SA][-– 123]*(?:;|\\/|160|224|256|384|512)?(?:[\\s(\\[]*?(?:KAT|[Bb]yte [Oo]riented)*?[\\s,]*?[\\s(\\[]*?(?:#|cert\\.?|sample|Cert\\.?|Certificate)?[\\s#]*?)?[\\s#]*?(\\d{3})(?:\\)?\\[#?\\d+\\])?(?:[\\s#]*?and[\\s#]*?\\d+)?': {'SHA-256': {'count': 8}, 'SHA (256': {'count': 3}, 'SHA(256': {'count': 7}, 'SHA-384': {'count': 4}, 'SHA-512': {'count': 4}, 'SHS [180': {'count': 1}, 'SHA256': {'count': 5}, 'SHA384': {'count': 3}}, 'SH[SA][-– 123]*(?:;|\\/|160|224|256|384|512)?(?:[\\s(\\[]*?(?:KAT|[Bb]yte [Oo]riented)*?[\\s,]*?[\\s(\\[]*?(?:#|cert\\.?|sample|Cert\\.?|Certificate)?[\\s#]*?)?[\\s#]*?(\\d{2})(?:\\)?\\[#?\\d+\\])?(?:[\\s#]*?and[\\s#]*?\\d+)?': {'SHA-25': {'count': 1}}, 'SH[SA][-– 123]*(?:;|\\/|160|224|256|384|512)?(?:[\\s(\\[]*?(?:KAT|[Bb]yte [Oo]riented)*?[\\s,]*?[\\s(\\[]*?(?:#|cert\\.?|sample|Cert\\.?|Certificate)?[\\s#]*?)?[\\s#]*?(\\d{1})(?:\\)?\\[#?\\d+\\])?(?:[\\s#]*?and[\\s#]*?\\d+)?': {'SHA-1': {'count': 9}, 'SHA(1': {'count': 7}, 'SHA-2': {'count': 1}, 'SHA-3': {'count': 1}}, 'RSA(?:[-– ]*(?:;|\\/|512|768|1024|1280|1536|2048|3072|4096|8192)\\s\\(\\[]*?(?:(?:;|\\/|KAT|Verify|PSS|\\s)*?)?[\\s,]*?[\\s(\\[]*?(?:#|cert\\.?|sample|Cert\\.?|Certificate)?[\\s#]*?)?[\\s#]*?(\\d{4})': {'RSA 2048': {'count': 6}}, '(?:RSA)?[-– ]?(?:SSA)?[- ]?PKCS\\s?#?\\d(?:-[Vv]1_5| [Vv]1[-_]5)?[\\s#]*?(\\d{4})?': {'PKCS1': {'count': 3}}, 'AES[-– ]*((?: |;|\\/|bit|key|128|192|256|CBC)*(?: |\\/|;|[Dd]ecrypt|[Ee]ncrypt|KAT|CMAC|CTR|GCM|IV|CBC)*?[,\\s(\\[]*?(?:#|cert\\.?|sample|Cert\\.?|Certificate)?[\\s#]*?)?[\\s#]*?(\\d{3})(?:\\)?[\\s#]*?\\[#?\\d+\\])?(?:[\\s#]*?and[\\s#]*?(\\d+))?': {'AES [197': {'count': 1}, 'AES CBC 128/192/256': {'count': 3}, 'AES CBC 128/256': {'count': 1}, 'AES GCM 128': {'count': 1}}, 'Diffie[-– ]*Hellman[,\\s(\\[]*?(?:CVL|\\s)*?(?:#|cert\\.?|sample|Cert\\.?|Certificate)?[\\s#]*?[\\s#]*?(\\d{4})': {'Diffie-Hellman 2048': {'count': 1}}, 'DRBG[ –-]*((?:;|\\/|160|224|256|384|512)?(?:;|\\/| |[Dd]ecrypt|[Ee]ncrypt|KAT)*?[,\\s(\\[]*?(?:#|cert\\.?|sample|Cert\\.?|Certificate)?[\\s#]*?)?[\\s#]*?(\\d{2})': {'DRBG[90': {'count': 1}}, 'DRBG[ –-]*((?:;|\\/|160|224|256|384|512)?(?:;|\\/| |[Dd]ecrypt|[Ee]ncrypt|KAT)*?[,\\s(\\[]*?(?:#|cert\\.?|sample|Cert\\.?|Certificate)?[\\s#]*?)?[\\s#]*?(\\d{1})': {'DRBG[9': {'count': 1}}, 'DSA[ –-]*((?:;|\\/|160|224|256|384|512)?(?: |[Dd]ecrypt|[Ee]ncrypt|KAT)*?[,\\s(\\[]*?(?:#|cert\\.?|sample|Cert\\.?|Certificate)?[\\s#]*?)?[\\s#]*?(\\d{3})': {'DSA [186': {'count': 1}}, '#\\s+?[Cc]\\d+': {'# C1861': {'count': 1}, '#C1861': {'count': 1}}}, 'rules_to_remove': {'#?\\d+ and #?\\d+': {'0 and 1': {'count': 1}, '1 and 3': {'count': 1}, '2048 and 3072': {'count': 1}}, '[sS]cenarios?\\s?#\\d+': {'scenario #1': {'count': 1}}}, 'rules_security_level': {}, 'rules_cert_id': {}, 'rules_os': {}, 'rules_standard_id': {'FIPS ?(?:PUB )?[0-9]+-[0-9]+?': {'FIPS 140-2': {'count': 52}, 'FIPS140-2': {'count': 1}, 'FIPS PUB 140-2': {'count': 1}}, 'FIPS ?(?:PUB )?[0-9]+?': {'FIPS PUB 202': {'count': 1}}, 'RFC[ ]*[0-9]+?': {'RFC 5288': {'count': 1}, 'RFC 5246': {'count': 1}, 'RFC 8446': {'count': 1}}, 'RFC [0-9]+': {'RFC 5288': {'count': 1}, 'RFC 5246': {'count': 1}, 'RFC 8446': {'count': 1}}}, 'rules_security_assurance_components': {}, 'rules_security_functional_components': {}, 'rules_cc_claims': {}, 'rules_javacard': {}, 'rules_javacard_api_consts': {}, 'rules_javacard_packages': {}, 'rules_crypto_algs': {'RSA[- ]*(?:512|768|1024|1280|1536|2048|3072|4096|8192)': {'RSA 2048': {'count': 4}}, 'SHA[-]*(?:160|224|256|384|512)': {'SHA-256': {'count': 6}, 'SHA-384': {'count': 4}, 'SHA-512': {'count': 2}}, 'AES[-]*(?:128|192|256|)': {'AES': {'count': 14}}, 'SHA-1': {'SHA-1': {'count': 2}}, 'MD5': {'MD5': {'count': 2}}, 'HMAC': {'HMAC': {'count': 5}}, 'HMAC-SHA-(?:160|224|256|384|512)': {'HMAC-SHA-256': {'count': 2}, 'HMAC-SHA-384': {'count': 2}, 'HMAC-SHA-512': {'count': 2}}, '(Diffie-Hellman|DH)': {'DH': {'count': 11}, 'Diffie-Hellman': {'count': 7}}, 'ECDH': {'ECDH': {'count': 2}}, 'ECDSA': {'ECDSA': {'count': 13}}, '[3T]?DES': {'DES': {'count': 5}}, 'RN[GD]': {'RNG': {'count': 3}}, 'RBG': {'RBG': {'count': 11}}}, 'rules_block_cipher_modes': {'CBC': {'CBC': {'count': 10}}, 'CTR': {'CTR': {'count': 1}}, 'GCM': {'GCM': {'count': 6}}}, 'rules_ecc_curves': {'(?:Curve |curve |)P-(192|224|256|384|521)': {'P-256': {'count': 12}, 'P-384': {'count': 11}, 'P-224': {'count': 5}, 'P-521': {'count': 8}, 'P-192': {'count': 2}}}, 'rules_cplc': {}, 'rules_crypto_engines': {}, 'rules_crypto_libs': {}, 'rules_IC_data_groups': {}, 'rules_defenses': {}, 'rules_certification_process': {'[oO]ut of [sS]cope': {'out of scope': {'count': 1}}, '.{0,100}[oO]ut of [sS]cope.{0,100}': {'listed in the module certificate is considered out of scope and requires separate FIPS 140-2': {'count': 1}}}, 'rules_vulnerabilities': {}, 'rules_other': {}}.

The computed heuristics were updated.

The keywords property was set to {'rules_fips_algorithms': {'HMAC(?:[- –]*SHA)?(?:[- –]*1)?[– -]*((?:;|\\/|160|224|256|384|512)?(?:;|\\/| |[Dd]ecrypt|[Ee]ncrypt|KAT)*?[, ]*?\\(?(?: |hardware|firmware)*?[\\s(\\[]*?(?:#|cert\\.?|Cert\\.?|Certificate|sample)?[\\s#]*?)?[\\s#]*?(\\d{3})(?:[\\s#]*and[\\s#]*\\d+)?': {'HMAC [198': {'count': 1}, 'HMAC-SHA-256': {'count': 5}, 'HMAC-SHA-384': {'count': 5}, 'HMAC-SHA-512': {'count': 5}, 'HMAC-SHA-1/256': {'count': 1}}, 'HMAC(?:[- –]*SHA)?(?:[- –]*1)?[– -]*((?:;|\\/|160|224|256|384|512)?(?:;|\\/| |[Dd]ecrypt|[Ee]ncrypt|KAT)*?[, ]*?\\(?(?: |hardware|firmware)*?[\\s(\\[]*?(?:#|cert\\.?|Cert\\.?|Certificate|sample)?[\\s#]*?)?[\\s#]*?(\\d{1})(?:[\\s#]*and[\\s#]*\\d+)?': {'HMAC SHA(1': {'count': 1}}, 'SH[SA][-– 123]*(?:;|\\/|160|224|256|384|512)?(?:[\\s(\\[]*?(?:KAT|[Bb]yte [Oo]riented)*?[\\s,]*?[\\s(\\[]*?(?:#|cert\\.?|sample|Cert\\.?|Certificate)?[\\s#]*?)?[\\s#]*?(\\d{3})(?:\\)?\\[#?\\d+\\])?(?:[\\s#]*?and[\\s#]*?\\d+)?': {'SHA-256': {'count': 8}, 'SHA (256': {'count': 3}, 'SHA(256': {'count': 7}, 'SHA-384': {'count': 4}, 'SHA-512': {'count': 4}, 'SHS [180': {'count': 1}, 'SHA256': {'count': 5}, 'SHA384': {'count': 3}}, 'SH[SA][-– 123]*(?:;|\\/|160|224|256|384|512)?(?:[\\s(\\[]*?(?:KAT|[Bb]yte [Oo]riented)*?[\\s,]*?[\\s(\\[]*?(?:#|cert\\.?|sample|Cert\\.?|Certificate)?[\\s#]*?)?[\\s#]*?(\\d{2})(?:\\)?\\[#?\\d+\\])?(?:[\\s#]*?and[\\s#]*?\\d+)?': {'SHA-25': {'count': 1}}, 'SH[SA][-– 123]*(?:;|\\/|160|224|256|384|512)?(?:[\\s(\\[]*?(?:KAT|[Bb]yte [Oo]riented)*?[\\s,]*?[\\s(\\[]*?(?:#|cert\\.?|sample|Cert\\.?|Certificate)?[\\s#]*?)?[\\s#]*?(\\d{1})(?:\\)?\\[#?\\d+\\])?(?:[\\s#]*?and[\\s#]*?\\d+)?': {'SHA-1': {'count': 9}, 'SHA(1': {'count': 7}, 'SHA-2': {'count': 1}, 'SHA-3': {'count': 1}}, 'RSA(?:[-– ]*(?:;|\\/|512|768|1024|1280|1536|2048|3072|4096|8192)\\s\\(\\[]*?(?:(?:;|\\/|KAT|Verify|PSS|\\s)*?)?[\\s,]*?[\\s(\\[]*?(?:#|cert\\.?|sample|Cert\\.?|Certificate)?[\\s#]*?)?[\\s#]*?(\\d{4})': {'RSA 2048': {'count': 6}}, '(?:RSA)?[-– ]?(?:SSA)?[- ]?PKCS\\s?#?\\d(?:-[Vv]1_5| [Vv]1[-_]5)?[\\s#]*?(\\d{4})?': {'PKCS1': {'count': 3}}, 'AES[-– ]*((?: |;|\\/|bit|key|128|192|256|CBC)*(?: |\\/|;|[Dd]ecrypt|[Ee]ncrypt|KAT|CMAC|CTR|GCM|IV|CBC)*?[,\\s(\\[]*?(?:#|cert\\.?|sample|Cert\\.?|Certificate)?[\\s#]*?)?[\\s#]*?(\\d{3})(?:\\)?[\\s#]*?\\[#?\\d+\\])?(?:[\\s#]*?and[\\s#]*?(\\d+))?': {'AES [197': {'count': 1}, 'AES CBC 128/192/256': {'count': 3}, 'AES CBC 128/256': {'count': 1}, 'AES GCM 128': {'count': 1}}, 'Diffie[-– ]*Hellman[,\\s(\\[]*?(?:CVL|\\s)*?(?:#|cert\\.?|sample|Cert\\.?|Certificate)?[\\s#]*?[\\s#]*?(\\d{4})': {'Diffie-Hellman 2048': {'count': 1}}, 'DRBG[ –-]*((?:;|\\/|160|224|256|384|512)?(?:;|\\/| |[Dd]ecrypt|[Ee]ncrypt|KAT)*?[,\\s(\\[]*?(?:#|cert\\.?|sample|Cert\\.?|Certificate)?[\\s#]*?)?[\\s#]*?(\\d{2})': {'DRBG[90': {'count': 1}}, 'DRBG[ –-]*((?:;|\\/|160|224|256|384|512)?(?:;|\\/| |[Dd]ecrypt|[Ee]ncrypt|KAT)*?[,\\s(\\[]*?(?:#|cert\\.?|sample|Cert\\.?|Certificate)?[\\s#]*?)?[\\s#]*?(\\d{1})': {'DRBG[9': {'count': 1}}, 'DSA[ –-]*((?:;|\\/|160|224|256|384|512)?(?: |[Dd]ecrypt|[Ee]ncrypt|KAT)*?[,\\s(\\[]*?(?:#|cert\\.?|sample|Cert\\.?|Certificate)?[\\s#]*?)?[\\s#]*?(\\d{3})': {'DSA [186': {'count': 1}}, '#\\s+?[Cc]\\d+': {'# C1861': {'count': 1}, '#C1861': {'count': 1}}}, 'rules_to_remove': {'#?\\d+ and #?\\d+': {'0 and 1': {'count': 1}, '1 and 3': {'count': 1}, '2048 and 3072': {'count': 1}}, '[sS]cenarios?\\s?#\\d+': {'scenario #1': {'count': 1}}}, 'rules_security_level': {}, 'rules_cert_id': {}, 'rules_os': {}, 'rules_standard_id': {'FIPS ?(?:PUB )?[0-9]+-[0-9]+?': {'FIPS 140-2': {'count': 52}, 'FIPS140-2': {'count': 1}, 'FIPS PUB 140-2': {'count': 1}}, 'FIPS ?(?:PUB )?[0-9]+?': {'FIPS PUB 202': {'count': 1}}, 'RFC[ ]*[0-9]+?': {'RFC 5288': {'count': 1}, 'RFC 5246': {'count': 1}, 'RFC 8446': {'count': 1}}, 'RFC [0-9]+': {'RFC 5288': {'count': 1}, 'RFC 5246': {'count': 1}, 'RFC 8446': {'count': 1}}}, 'rules_security_assurance_components': {}, 'rules_security_functional_components': {}, 'rules_cc_claims': {}, 'rules_javacard': {}, 'rules_javacard_api_consts': {}, 'rules_javacard_packages': {}, 'rules_crypto_algs': {'RSA[- ]*(?:512|768|1024|1280|1536|2048|3072|4096|8192)': {'RSA 2048': {'count': 4}}, 'SHA[-]*(?:160|224|256|384|512)': {'SHA-256': {'count': 6}, 'SHA-384': {'count': 4}, 'SHA-512': {'count': 2}}, 'AES[-]*(?:128|192|256|)': {'AES': {'count': 14}}, 'SHA-1': {'SHA-1': {'count': 2}}, 'MD5': {'MD5': {'count': 2}}, 'HMAC': {'HMAC': {'count': 5}}, 'HMAC-SHA-(?:160|224|256|384|512)': {'HMAC-SHA-256': {'count': 2}, 'HMAC-SHA-384': {'count': 2}, 'HMAC-SHA-512': {'count': 2}}, '(Diffie-Hellman|DH)': {'DH': {'count': 11}, 'Diffie-Hellman': {'count': 7}}, 'ECDH': {'ECDH': {'count': 2}}, 'ECDSA': {'ECDSA': {'count': 13}}, '[3T]?DES': {'DES': {'count': 5}}, 'RN[GD]': {'RNG': {'count': 3}}, 'RBG': {'RBG': {'count': 11}}}, 'rules_block_cipher_modes': {'CBC': {'CBC': {'count': 10}}, 'CTR': {'CTR': {'count': 1}}, 'GCM': {'GCM': {'count': 6}}}, 'rules_ecc_curves': {'(?:Curve |curve |)P-(192|224|256|384|521)': {'P-256': {'count': 12}, 'P-384': {'count': 11}, 'P-224': {'count': 5}, 'P-521': {'count': 8}, 'P-192': {'count': 2}}}, 'rules_cplc': {}, 'rules_crypto_engines': {}, 'rules_crypto_libs': {}, 'rules_IC_data_groups': {}, 'rules_defenses': {}, 'rules_certification_process': {'[oO]ut of [sS]cope': {'out of scope': {'count': 1}}, '.{0,100}[oO]ut of [sS]cope.{0,100}': {'listed in the module certificate is considered out of scope and requires separate FIPS 140-2': {'count': 1}}}, 'rules_vulnerabilities': {}, 'rules_other': {}}.

The state was updated.

The txt_state property was set to True.
23.02.2022

The certificate was first processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4162,
  "dgst": "25616f4178f09f6e",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "CVL#C1861",
        "SHS#C1861",
        "ECDSA#C1861",
        "KTS#C1861",
        "HMAC#C1861",
        "AES#C1861",
        "RSA#C1861",
        "DRBG#C1861"
      ]
    },
    "cpe_matches": {
      "_type": "Set",
      "elements": [
        "cpe:2.3:h:sonicwall:tz370w:-:*:*:*:*:*:*:*",
        "cpe:2.3:h:sonicwall:nsa_2700:-:*:*:*:*:*:*:*",
        "cpe:2.3:h:sonicwall:tz270w:-:*:*:*:*:*:*:*",
        "cpe:2.3:h:sonicwall:tz270:-:*:*:*:*:*:*:*",
        "cpe:2.3:h:sonicwall:tz570p:-:*:*:*:*:*:*:*",
        "cpe:2.3:h:sonicwall:tz670:-:*:*:*:*:*:*:*",
        "cpe:2.3:h:sonicwall:tz370:-:*:*:*:*:*:*:*",
        "cpe:2.3:h:sonicwall:tz570:-:*:*:*:*:*:*:*",
        "cpe:2.3:h:sonicwall:nsa_3700:-:*:*:*:*:*:*:*",
        "cpe:2.3:h:sonicwall:tz470w:-:*:*:*:*:*:*:*",
        "cpe:2.3:h:sonicwall:tz570w:-:*:*:*:*:*:*:*",
        "cpe:2.3:h:sonicwall:tz470:-:*:*:*:*:*:*:*"
      ]
    },
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "7.0"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECDH": {
            "ECDH": 2
          },
          "ECDSA": {
            "ECDSA": 13
          }
        },
        "FF": {
          "DH": {
            "DH": 12,
            "Diffie-Hellman": 9
          },
          "DSA": {
            "DSA": 3
          }
        },
        "RSA": {
          "RSA 2048": 4
        }
      },
      "certification_process": {
        "OutOfScope": {
          "out of scope": 1,
          "service. Any other firmware version that is not listed in the module certificate is considered out of scope and requires separate FIPS 140-2 certificate. 9 MD5 (no security claimed) and keys derived from the": 1
        }
      },
      "cipher_mode": {
        "CBC": {
          "CBC": 10
        },
        "CCM": {
          "CCM": 1
        },
        "CTR": {
          "CTR": 1
        },
        "GCM": {
          "GCM": 6
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "IKE": {
          "IKE": 30,
          "IKEv1": 6,
          "IKEv2": 6
        },
        "IPsec": {
          "IPsec": 25
        },
        "SSH": {
          "SSH": 6
        },
        "TLS": {
          "SSL": {
            "SSL": 1
          },
          "TLS": {
            "TLS": 23,
            "TLS 1.0": 1,
            "TLS 1.2": 25,
            "TLS 1.3": 4,
            "TLS v1.2": 1
          }
        },
        "VPN": {
          "VPN": 34
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 1
        },
        "KEX": {
          "Key Exchange": 2
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "P-192": 4,
          "P-224": 10,
          "P-256": 26,
          "P-384": 18,
          "P-521": 18
        }
      },
      "eval_facility": {},
      "fips_cert_id": {
        "Cert": {
          "#1": 1
        }
      },
      "fips_certlike": {
        "Certlike": {
          "# C1861": 2,
          "AES CBC 128/192/256": 3,
          "AES CBC 128/256": 1,
          "AES [197": 1,
          "HMAC SHA(1": 1,
          "HMAC [198": 1,
          "HMAC-SHA-256": 4,
          "HMAC-SHA-384": 4,
          "HMAC-SHA-512": 4,
          "RSA 2048": 4,
          "SHA (256": 3,
          "SHA(1": 8,
          "SHA(256": 7,
          "SHA- 256": 1,
          "SHA-1": 9,
          "SHA-256": 6,
          "SHA-3": 1,
          "SHA-384": 4,
          "SHA-512": 3
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 2": 2
        }
      },
      "hash_function": {
        "MD": {
          "MD5": {
            "MD5": 2
          }
        },
        "PBKDF": {
          "PBKDF": 2
        },
        "SHA": {
          "SHA1": {
            "SHA-1": 9
          },
          "SHA2": {
            "SHA-256": 7,
            "SHA-384": 3,
            "SHA-512": 4
          },
          "SHA3": {
            "SHA-3": 1
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 19
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140-2": 55,
          "FIPS PUB 140-2": 1,
          "FIPS PUB 202": 1,
          "FIPS140-2": 1
        },
        "NIST": {
          "SP 800-135": 1,
          "SP 800-90A": 5
        },
        "RFC": {
          "RFC 5246": 1,
          "RFC 5288": 1,
          "RFC 8446": 1
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 14
          }
        },
        "DES": {
          "3DES": {
            "TDEA": 1,
            "Triple-DES": 4
          },
          "DES": {
            "DES": 1
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 1,
            "HMAC": 5,
            "HMAC-SHA-256": 2,
            "HMAC-SHA-384": 2,
            "HMAC-SHA-512": 2
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {
        "TLS": {
          "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA": 1,
          "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256": 1,
          "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256": 1,
          "TLS_RSA_WITH_AES_128_CBC_SHA": 1,
          "TLS_RSA_WITH_AES_128_CBC_SHA256": 1,
          "TLS_RSA_WITH_AES_128_GCM_SHA256": 1
        }
      },
      "vendor": {},
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Usha Sanagala",
      "/CreationDate": "D:20220217112158-05\u002700\u0027",
      "/Creator": "Microsoft\u00ae Word for Microsoft 365",
      "/ModDate": "D:20220217112158-05\u002700\u0027",
      "/Producer": "Microsoft\u00ae Word for Microsoft 365",
      "/Subject": "FIPS 140-2 Security Policy Template",
      "pdf_file_size_bytes": 993044,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 44
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_json_hash": null,
    "policy_pdf_hash": "3da12f6fa7d49759d8d5349a55b836d59cfdb407b332f2ffefc616bbeed61883",
    "policy_txt_hash": "9a9cf7323a50445b0ffd97146f8301a0c2c03ead2a7aacb19dcf85ad175a2c24"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in FIPS mode",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/February 2022_010322_0121_Signed.pdf",
    "date_sunset": "2026-09-21",
    "description": "The SonicWall family of firewalls tightly integrates intrusion prevention, malware protection, Application Intelligence and Control with real-time Visualization. SonicWALL Reassembly-Free Deep Packet Inspection engine scans 100% of traffic and massively scales to meet needs of the most high-performance networks.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Roles, Services, and Authentication: Level 3",
      "Design Assurance: Level 3",
      "Mitigation of Other Attacks: N/A"
    ],
    "fw_versions": "SonicOS 7.0",
    "historical_reason": null,
    "hw_versions": "101-500665-50 (TZ270), 101-500666-50 (TZ270W), 101-500649-50 (TZ370), 101-500648-50 (TZ370W), 101-500643-50 (TZ470), 101-500629-50 (TZ470W), 101-500594-51 (TZ570), 101-500593-51 (TZ570W), 101-500640-50 (TZ570P), 101-500592-51 (TZ670), 101-500661-50 (NSa 2700), 101-500663-50 (NSa 3700)",
    "level": 2,
    "mentioned_certs": {},
    "module_name": "SonicWALL TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W, TZ570P, TZ670, NSa 2700 and NSa 3700",
    "module_type": "Hardware",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "active",
    "sw_versions": null,
    "tested_conf": null,
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2022-02-22",
        "lab": "Acumen Security",
        "validation_type": "Initial"
      }
    ],
    "vendor": "SonicWall, Inc.",
    "vendor_url": "https://www.sonicwall.com/"
  }
}

Sections

SonicWALL TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W, TZ570P, TZ670, NSa 2700 and NSa 3700

Certificate #4162

Webpage information

Security policy

Symmetric Algorithms

Asymmetric Algorithms

Hash functions

Schemes

Protocols

Randomness

Elliptic Curves

Block cipher modes

TLS cipher suites

Security level

Certification process

Standards

File metadata

Heuristics

Automated inference - use with caution

CPE matches

References

Updates Feed

Certificate changed

Certificate changed

Certificate changed

Certificate changed

Certificate changed

Certificate changed

Certificate changed

Certificate changed

Certificate changed

Certificate changed

Certificate changed

Certificate changed

Certificate changed

New certificate

Raw data

Sections

SonicWALL TZ270, TZ270W, TZ370, TZ370W, TZ470, TZ470W, TZ570, TZ570W, TZ570P, TZ670, NSa 2700 and NSa 3700

Certificate #4162

Webpage information

Security policy

Cryptography

Symmetric Algorithms

Asymmetric Algorithms

Hash functions

Schemes

Protocols

Randomness

Elliptic Curves

Block cipher modes

TLS cipher suites

Security

Security level

Certification process

Other

Standards

File metadata

Heuristics

Automated inference - use with caution

CPE matches

References

Updates Feed

Raw data

Toggle raw data