This page was not yet optimized for use on mobile
devices.
Juniper Networks EX4650, QFX5120 and QFX5210 Ethernet Switches
Certificate #3802
Webpage information
Security policy
Symmetric Algorithms
AES, CAST, Triple-DES, TDEA, Blowfish, HMAC, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512Asymmetric Algorithms
RSA 2048, RSA 3072, RSA 4096, ECDH, ECDSA, ECC, DH, Diffie-Hellman, DSAHash functions
SHA-1, SHA-256, SHA-512, SHA-384, MD5Schemes
MAC, Key Exchange, Key Agreement, AEADProtocols
SSH, SSHv2, IKE, IPsecRandomness
DRBG, RNGLibraries
OpenSSLElliptic Curves
P-384, P-521, P-256, P-512Block cipher modes
CBC, CTR, GCMSecurity level
Level 1, level 1Standards
FIPS 140-2, FIPS140-2, FIPS PUB 140-2, SP 800-135, SP 800-90A, SP 800-56A, RFC 4253, X.509File metadata
| Title | Microsoft Word - Junos_19.3R1_for_EX4650_and_QFX5120_Security_Policy.docx |
|---|---|
| Author | tsengjk |
| Creation date | D:20210105160322-05'00' |
| Modification date | D:20210105160332-05'00' |
| Pages | 23 |
| Creator | Nuance PDF Create |
| Producer | Nuance PDF Create |
Heuristics
Automated inference - use with caution
All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 3802,
"dgst": "390797e1f0b8f216",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"AES#C1543",
"CVL#C1543",
"RSA#C1543",
"HMAC#C1543",
"DRBG#C1541",
"SHS#C1541",
"HMAC#C1542",
"SHS#C1542",
"DRBG#C1543",
"SHS#C1543",
"Triple-DES#C1543",
"ECDSA#C1543",
"HMAC#C1541"
]
},
"cpe_matches": {
"_type": "Set",
"elements": [
"cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*",
"cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*",
"cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*"
]
},
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"19.3"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 1
},
"ECDH": {
"ECDH": 16
},
"ECDSA": {
"ECDSA": 21
}
},
"FF": {
"DH": {
"DH": 5,
"Diffie-Hellman": 9
},
"DSA": {
"DSA": 2
}
},
"RSA": {
"RSA 2048": 7,
"RSA 3072": 4,
"RSA 4096": 1
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 3
},
"CTR": {
"CTR": 2
},
"GCM": {
"GCM": 1
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 3
}
},
"crypto_protocol": {
"IKE": {
"IKE": 1
},
"IPsec": {
"IPsec": 1
},
"SSH": {
"SSH": 41,
"SSHv2": 1
}
},
"crypto_scheme": {
"AEAD": {
"AEAD": 1
},
"KA": {
"Key Agreement": 2
},
"KEX": {
"Key Exchange": 2
},
"MAC": {
"MAC": 1
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-256": 30,
"P-384": 18,
"P-512": 2,
"P-521": 16
}
},
"eval_facility": {},
"fips_cert_id": {},
"fips_certlike": {
"Certlike": {
"AES CBC 128/192/256": 1,
"AES [197": 1,
"DRBG 4": 1,
"DRBG 5": 1,
"HMAC SHA 256": 1,
"HMAC SHA-1": 1,
"HMAC SHA-256": 2,
"HMAC [198": 3,
"HMAC-SHA-1": 6,
"HMAC-SHA-256": 4,
"HMAC-SHA-384": 2,
"HMAC-SHA-512": 4,
"RSA 2048": 7,
"RSA 3072": 4,
"RSA 4096": 1,
"SHA 1, 384": 1,
"SHA 256": 5,
"SHA 384": 1,
"SHA 512": 1,
"SHA-1": 7,
"SHA-256": 10,
"SHA-384": 5,
"SHA-512": 5,
"SHS [180": 3
}
},
"fips_security_level": {
"Level": {
"Level 1": 2,
"level 1": 1
}
},
"hash_function": {
"MD": {
"MD5": {
"MD5": 1
}
},
"SHA": {
"SHA1": {
"SHA-1": 7
},
"SHA2": {
"SHA-256": 13,
"SHA-384": 3,
"SHA-512": 6
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 15
},
"RNG": {
"RNG": 2
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-2": 9,
"FIPS PUB 140-2": 1,
"FIPS140-2": 1
},
"NIST": {
"SP 800-135": 1,
"SP 800-56A": 1,
"SP 800-90A": 3
},
"RFC": {
"RFC 4253": 1
},
"X509": {
"X.509": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 6
},
"CAST": {
"CAST": 1
}
},
"DES": {
"3DES": {
"TDEA": 1,
"Triple-DES": 5
}
},
"constructions": {
"MAC": {
"HMAC": 18,
"HMAC-SHA-256": 3,
"HMAC-SHA-384": 1,
"HMAC-SHA-512": 1
}
},
"miscellaneous": {
"Blowfish": {
"Blowfish": 1
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "tsengjk",
"/CreationDate": "D:20210105160322-05\u002700\u0027",
"/Creator": "Nuance PDF Create",
"/ModDate": "D:20210105160332-05\u002700\u0027",
"/Producer": "Nuance PDF Create",
"/Title": "Microsoft Word - Junos_19.3R1_for_EX4650_and_QFX5120_Security_Policy.docx",
"pdf_file_size_bytes": 689933,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 23
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_json_hash": null,
"policy_pdf_hash": "c151a1801651f138d9b006464f0c93ea81f9cd0dc51ef2177ee9cb2fe859a6da",
"policy_txt_hash": "7d994e5760dda6f2c673a107cca360c8bb4ae16c2662df8335c2f35d1d86afe9"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Sections 1.2 and 5 of the Security Policy",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/January 2021_080221_0323_signed.pdf",
"date_sunset": null,
"description": "The Juniper Networks QFX series switches are high performance, high density data center switches. The QFX switches provide high performance, wire speed switching with low latency and jitter. The QFX series switches provide the universal building blocks for multiple data center fabric architectures.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Roles, Services, and Authentication: Level 3",
"Design Assurance: Level 3",
"Mitigation of Other Attacks: N/A"
],
"fw_versions": "Junos OS 19.3R1",
"historical_reason": "SP 800-56Arev3 transition - replaced by certificate #4662",
"hw_versions": "EX4650-48Y-AFI, EX4650-48Y-AFO, EX4650-48Y-DC-AFI, EX4650-48Y-DC-AFO, QFX5120-32C-AFI, QFX5120-32C-AFO, QFX5120-32C-DC-AFI, QFX5120-32C-DC-AFO, QFX5120-48Y-AFI2, QFX5120-48Y-AFO2, QFX5120-48Y-DC-AFI2, QFX5120-48Y-DC-AFO2, QFX5210-64C-AFI, QFX5210-64C-AFO, QFX5210-64C-DC-AFI and QFX5210-64C-DC-AFO",
"level": 1,
"mentioned_certs": {},
"module_name": "Juniper Networks EX4650, QFX5120 and QFX5210 Ethernet Switches",
"module_type": "Hardware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "historical",
"sw_versions": null,
"tested_conf": null,
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2021-01-27",
"lab": "Leidos Accredited Testing \u0026 Evaluation (AT\u0026E) Lab",
"validation_type": "Initial"
}
],
"vendor": "Juniper Networks, Inc",
"vendor_url": "http://www.juniper.net"
}
}