Home / FIPS 140 / 56dc6c2bd0f7cd6b
Link Link by certificate ID Link by certificate name

Forcepoint NGFW Cryptographic Kernel Module

Certificate #4835

Webpage information ?

Status active
Validation dates 11.10.2024
Sunset date 10-10-2029
Standard FIPS 140-3
Security level 1
Type Software
Embodiment Multi-Chip Stand Alone
Caveat When installed, initialized and configured as specified in Section 11 of the Security Policy
Exceptions
  • Physical security: N/A
  • Non-invasive security: N/A
  • Mitigation of other attacks: N/A
  • Documentation requirements: N/A
  • Cryptographic module security policy: N/A
Description The Forcepoint NGFW Cryptographic Kernel Module is a software module that provides cryptographic services required by the Forcepoint NGFW product.
Tested configurations
  • NGFW OS 10 on Linux 4.19 on ESXi 7.0 running on Dell PowerEdge R440 with Intel Xeon Silver 4208 with PAA
  • NGFW OS 10 on Linux 4.19 running on NGFW 3410 with Intel Xeon Gold 6230N with PAA
  • NGFW OS 10 on Linux 4.19 running on NGFW N120W with Intel Atom C3338 with PAA
  • NGFW OS 10 on Linux 4.19 running on NGFW N120W with Intel Atom C3338 without PAA
Vendor Forcepoint
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.
Webpage

Security policy ?

Security target PDF TXT

Symmetric Algorithms
AES, AES-, HMAC, HMAC-SHA-256
Asymmetric Algorithms
ECDSA
Hash functions
SHA-1
Schemes
MAC
Protocols
SSH, VPN
Elliptic Curves
P-521
Block cipher modes
ECB, CBC, CFB, OFB, GCM

Security level
Level 1, level 1

Standards
FIPS 140-3, FIPS 140, FIPS 197, FIPS 180-4, FIPS 198-1, SP 800-38D, SP 800-140F, ISO/IEC 24759, ISO/IEC 19790:2012, ISO/IEC19790:2012

File metadata

Creation date D:20241007172535-05'00'
Modification date D:20241007172535-05'00'
Pages 33

Heuristics ?

No heuristics are available for this certificate.

References ?

No references are available for this certificate.

Updates ?

  • 14.10.2024 The certificate was first processed.
    New certificate

    A new FIPS 140 certificate with the product name was processed.

Raw data 

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4835,
  "dgst": "56dc6c2bd0f7cd6b",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "SHA-1A2166",
        "HMAC-SHA2-224A2166",
        "AES-CBCA2166",
        "SHA2-512A2166",
        "HMAC-SHA2-384A2166",
        "SHA2-224A2166",
        "AES-CFB128A2166",
        "AES-GCMA2166",
        "AES-OFBA2166",
        "HMAC-SHA-1A2166",
        "SHA2-256A2166",
        "SHA2-384A2166",
        "AES-ECBA2166",
        "HMAC-SHA2-512A2166",
        "HMAC-SHA2-256A2166"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "-"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECDSA": {
            "ECDSA": 1
          }
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 3
        },
        "CFB": {
          "CFB": 1
        },
        "ECB": {
          "ECB": 3
        },
        "GCM": {
          "GCM": 5
        },
        "OFB": {
          "OFB": 5
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "SSH": {
          "SSH": 1
        },
        "VPN": {
          "VPN": 1
        }
      },
      "crypto_scheme": {
        "MAC": {
          "MAC": 8
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "P-521": 2
        }
      },
      "eval_facility": {},
      "fips_cert_id": {},
      "fips_certlike": {
        "Certlike": {
          "# A2166": 1,
          "AES-GCM 128": 2,
          "HMAC- SHA-1": 2,
          "HMAC-SHA-1": 7,
          "HMAC-SHA-1 (96": 1,
          "HMAC-SHA-256": 2,
          "SHA-1": 8,
          "SHA2- 224": 2,
          "SHA2- 256": 4,
          "SHA2- 384": 3,
          "SHA2- 512": 3,
          "SHA2-224": 3,
          "SHA2-256": 6,
          "SHA2-384": 2,
          "SHA2-512": 7
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 3,
          "level 1": 1
        }
      },
      "hash_function": {
        "SHA": {
          "SHA1": {
            "SHA-1": 8
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {},
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140": 5,
          "FIPS 140-3": 19,
          "FIPS 180-4": 1,
          "FIPS 197": 1,
          "FIPS 198-1": 1
        },
        "ISO": {
          "ISO/IEC 19790:2012": 1,
          "ISO/IEC 24759": 4,
          "ISO/IEC19790:2012": 1
        },
        "NIST": {
          "SP 800-140F": 1,
          "SP 800-38D": 1
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 13,
            "AES-": 10
          }
        },
        "constructions": {
          "MAC": {
            "HMAC": 11,
            "HMAC-SHA-256": 1
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "policy_metadata": {
      "/CreationDate": "D:20241007172535-05\u002700\u0027",
      "/ModDate": "D:20241007172535-05\u002700\u0027",
      "pdf_file_size_bytes": 817153,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "https://urldefense.us/v3/__https:/help.forcepoint.com/docs/ngfw/v610/install/ngfw_6100_ig_a_en-us.pdf__;!!Az_Xe1LHMyBq19w!Kcf1tSD8mfZmkpyi2_nd1hruhBGLkAC0plVIlmneS-rqXnWlqhL6pJEP7jpizXEGIhZSWGfcYRXMwrvGt4G9mfMUpJGH$",
          "https://urldefense.us/v3/__https:/help.forcepoint.com/docs/ngfw/v610/mgmt/ngfw_6100_pg_a_en-us.pdf__;!!Az_Xe1LHMyBq19w!Kcf1tSD8mfZmkpyi2_nd1hruhBGLkAC0plVIlmneS-rqXnWlqhL6pJEP7jpizXEGIhZSWGfcYRXMwrvGt4G9mfui9yxU$",
          "https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=14674",
          "https://support.forcepoint.com/",
          "http://www.forcepoint.com/",
          "https://csrc.nist.gov/projects/cryptographic-module-validation-program"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 33
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_garbage": false,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_pdf_hash": "da1829d601da7944781dfe5fbad755c5f53432a1f47289a3e12778e0d782934c",
    "policy_txt_hash": "2a562aa3a30ca0fb7535fe768e82d59ac63ab878021c58e5b5cbf413b55bb2c5"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When installed, initialized and configured as specified in Section 11 of the Security Policy",
    "certificate_pdf_url": null,
    "date_sunset": "2029-10-10",
    "description": "The Forcepoint NGFW Cryptographic Kernel Module is a software module that provides cryptographic services required by the Forcepoint NGFW product.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Physical security: N/A",
      "Non-invasive security: N/A",
      "Mitigation of other attacks: N/A",
      "Documentation requirements: N/A",
      "Cryptographic module security policy: N/A"
    ],
    "fw_versions": null,
    "historical_reason": null,
    "hw_versions": null,
    "level": 1,
    "mentioned_certs": {},
    "module_name": "Forcepoint NGFW Cryptographic Kernel Module",
    "module_type": "Software",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-3",
    "status": "active",
    "sw_versions": "3.0",
    "tested_conf": [
      "NGFW OS 10 on Linux 4.19 on ESXi 7.0 running on Dell PowerEdge R440 with Intel Xeon Silver 4208 with PAA",
      "NGFW OS 10 on Linux 4.19 running on NGFW 3410 with Intel Xeon Gold 6230N with PAA",
      "NGFW OS 10 on Linux 4.19 running on NGFW N120W with Intel Atom C3338 with PAA",
      "NGFW OS 10 on Linux 4.19 running on NGFW N120W with Intel Atom C3338 without PAA"
    ],
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2024-10-11",
        "lab": "LEIDOS CSTL",
        "validation_type": "Initial"
      }
    ],
    "vendor": "Forcepoint",
    "vendor_url": "http://www.forcepoint.com"
  }
}