This page was not yet optimized for use on mobile
devices.
Juniper Networks SRX300, SRX320, SRX340, SRX345 and SRX550-M Services Gateways
Certificate #3100
Webpage information
Security policy
Symmetric Algorithms
AES, CAST, DES, Triple-DES, TDEA, Blowfish, HMAC, HMAC-SHA-256Asymmetric Algorithms
RSA 4096, RSA 2048, ECDSA, Diffie-Hellman, DH, DSAHash functions
SHA-1, SHA-256, SHA-384, SHA-512, MD5Schemes
MAC, Key Exchange, Key agreement, AEADProtocols
SSH, SSHv2, IKE, IKEv2, IKEv1, IPsecRandomness
DRBG, RNGLibraries
OpenSSLElliptic Curves
P-256, P-384Block cipher modes
CBC, CTR, GCMSecurity level
Level 1, level 2Standards
FIPS 140-2, FIPS 186-4, FIPS 186-2, FIPS140-2, FIPS PUB 140-2, SP 800-90A, RFC 2409, RFC7296, RFC 7296, RFC5282, RFC4106, X.509File metadata
| Title | Junos Cryptographic Security Policy |
|---|---|
| Creation date | D:20171222162744-08'00' |
| Modification date | D:20171222162750-08'00' |
| Pages | 25 |
| Creator | Acrobat PDFMaker 11 for Word |
| Producer | Adobe PDF Library 11.0 |
Heuristics
Automated inference - use with caution
All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 3100,
"dgst": "47012d6a8e8c18e6",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"Triple-DES#2350",
"ECDSA#1041",
"RSA#2360",
"SHS#3585",
"HMAC#2902",
"RSA#2359",
"KTS#2358",
"AES#4362",
"HMAC#2888",
"AES#4347",
"HMAC#2886",
"DRBG#1398",
"Triple-DES#2351",
"KTS#2902",
"RSA#2358",
"SHS#3583",
"HMAC#2887",
"Triple-DES#2352",
"Triple-DES#2349",
"ECDSA#1040",
"SHS#3584",
"SHS#3600",
"AES#4345",
"SHS#3582",
"ECDSA#1039",
"HMAC#2885",
"ECDSA#1038",
"RSA#2361",
"SHS#3586",
"Triple-DES#2358",
"CVL#1051",
"AES#4348",
"AES#4346",
"CVL#1071"
]
},
"cpe_matches": {
"_type": "Set",
"elements": [
"cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*"
]
},
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"15.1"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECDSA": {
"ECDSA": 26
}
},
"FF": {
"DH": {
"DH": 4,
"Diffie-Hellman": 32
},
"DSA": {
"DSA": 2
}
},
"RSA": {
"RSA 2048": 8,
"RSA 4096": 4
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 8
},
"CTR": {
"CTR": 2
},
"GCM": {
"GCM": 6
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 6
}
},
"crypto_protocol": {
"IKE": {
"IKE": 23,
"IKEv1": 7,
"IKEv2": 10
},
"IPsec": {
"IPsec": 22
},
"SSH": {
"SSH": 39,
"SSHv2": 4
}
},
"crypto_scheme": {
"AEAD": {
"AEAD": 2
},
"KA": {
"Key agreement": 2
},
"KEX": {
"Key Exchange": 2
},
"MAC": {
"MAC": 1
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-256": 58,
"P-384": 38
}
},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#2349": 1,
"#2358": 1,
"#2885": 2,
"#2902": 2,
"#4345": 1,
"#4362": 1
}
},
"fips_certlike": {
"Certlike": {
"AES CBC 128/192/256": 5,
"AES Cert. #4345": 1,
"AES Cert. #4362": 1,
"AES [197": 3,
"HMAC Cert. #2885": 4,
"HMAC Cert. #2902": 4,
"HMAC SHA-256": 1,
"HMAC [198": 3,
"HMAC-SHA-1": 6,
"HMAC-SHA-1-96": 2,
"HMAC-SHA-256": 2,
"HMAC-SHA-512": 2,
"RSA 2048": 8,
"RSA 4096": 4,
"SHA 1, 256": 1,
"SHA 256": 13,
"SHA-1": 4,
"SHA-2-512": 1,
"SHA-256": 17,
"SHA-384": 3,
"SHA-512": 2,
"SHS [180": 4
}
},
"fips_security_level": {
"Level": {
"Level 1": 2,
"level 2": 1
}
},
"hash_function": {
"MD": {
"MD5": {
"MD5": 1
}
},
"SHA": {
"SHA1": {
"SHA-1": 4
},
"SHA2": {
"SHA-256": 19,
"SHA-384": 2,
"SHA-512": 2
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 7
},
"RNG": {
"RNG": 2
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-2": 6,
"FIPS 186-2": 2,
"FIPS 186-4": 2,
"FIPS PUB 140-2": 1,
"FIPS140-2": 1
},
"NIST": {
"SP 800-90A": 2
},
"RFC": {
"RFC 2409": 2,
"RFC 7296": 2,
"RFC4106": 1,
"RFC5282": 1,
"RFC7296": 1
},
"X509": {
"X.509": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 18
},
"CAST": {
"CAST": 1
}
},
"DES": {
"3DES": {
"TDEA": 1,
"Triple-DES": 23
},
"DES": {
"DES": 1
}
},
"constructions": {
"MAC": {
"HMAC": 14,
"HMAC-SHA-256": 2
}
},
"miscellaneous": {
"Blowfish": {
"Blowfish": 1
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "",
"/CreationDate": "D:20171222162744-08\u002700\u0027",
"/Creator": "Acrobat PDFMaker 11 for Word",
"/Disposition": "Initial concept",
"/ModDate": "D:20171222162750-08\u002700\u0027",
"/Producer": "Adobe PDF Library 11.0",
"/SourceModified": "D:20171223002700",
"/Title": "Junos Cryptographic Security Policy",
"pdf_file_size_bytes": 1077781,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 25
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_json_hash": null,
"policy_pdf_hash": "e2784e05ebc016dbfa04e8189f4bbb5abc12518c9abc265612c868d0580b49ab",
"policy_txt_hash": "e6ed756fe3f18b0e308031b487dfed4b098661ff9a56716ab36a213bcfc7e2f7"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/FIPS140ConsolidatedCertJan2018.pdf",
"date_sunset": null,
"description": "Juniper Networks\u00ae SRX300 and SRX550 lines of services gateways delivers a next-generation security and networking solution that supports the changing needs of cloud-enabled enterprise networks. By consolidating security, switching and routing in a single device, enterprises can protect against advanced security threats, overcome network complexity and improve application performance while reducing total cost of ownership. Customers can further enable secure SD-WAN capabilities that reduce band-width costs, simplify management and automate their WAN infrastructure.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Roles, Services, and Authentication: Level 3",
"Design Assurance: Level 3",
"Mitigation of Other Attacks: N/A"
],
"fw_versions": "JUNOS 15.1X49-D60",
"historical_reason": "SP 800-56Arev3 transition",
"hw_versions": "SRX300, SRX320, SRX340, SRX345, SRX550-645AP-M and SRX550-645DP-M",
"level": 1,
"mentioned_certs": {},
"module_name": "Juniper Networks SRX300, SRX320, SRX340, SRX345 and SRX550-M Services Gateways",
"module_type": "Hardware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "historical",
"sw_versions": null,
"tested_conf": null,
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2018-01-02",
"lab": "UL Verification Services, Inc.",
"validation_type": "Initial"
}
],
"vendor": "Juniper Networks, Inc.",
"vendor_url": "http://www.juniper.net"
}
}