This page was not yet optimized for use on mobile
devices.
Juniper Networks SRX4600 Services Gateway
Certificate #3337
Webpage information
Security policy
Symmetric Algorithms
AES, CAST, DES, Triple-DES, TDES, TDEA, Blowfish, HMAC, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512Asymmetric Algorithms
RSA 4096, RSA 2048, ECDH, ECDSA, Diffie-Hellman, DH, DSAHash functions
SHA-1, SHA1, SHA-256, SHA-384, SHA-224, SHA-512, MD5Schemes
Key Exchange, AEADProtocols
SSH, SSHv2, IKE, IKEv2, IKEv1, IPsecRandomness
DRBG, RNGLibraries
OpenSSLElliptic Curves
P-256, P-384, P-521Block cipher modes
CBC, CTR, GCMSecurity level
Level 2, Level 1, level 2Standards
FIPS 140-2, FIPS140-2, FIPS PUB 140-2, SP 800-67, SP 800-135, SP 800-90A, RFC 2409, RFC7296, RFC5282, RFC4106, RFC 4253, X.509File metadata
| Subject | FIPS 140-2 Security Policy Template |
|---|---|
| Author | Jennifer Brady |
| Creation date | D:20181114115809-05'00' |
| Modification date | D:20181114115809-05'00' |
| Pages | 27 |
| Creator | Microsoft® Word 2016 |
| Producer | Microsoft® Word 2016 |
Heuristics
Automated inference - use with caution
All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.CPE matches
References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 3337,
"dgst": "5bb844a8a792a21e",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"HMAC#3613",
"CVL#1903",
"HMAC#3609",
"HMAC#3637",
"HMAC#3612",
"AES#5454",
"Triple-DES#2743",
"KTS#2742",
"CVL#1902",
"AES#5483",
"HMAC#3610",
"Triple-DES#2760",
"DRBG#2139",
"RSA#2929",
"DRBG#2136",
"KTS#3613",
"SHS#4374",
"AES#5455",
"ECDSA#1456",
"SHS#4400",
"SHS#4376",
"SHS#4371",
"RSA#2928",
"ECDSA#1455",
"Triple-DES#2742",
"KTS#2743",
"SHS#4372",
"KTS#3612"
]
},
"cpe_matches": {
"_type": "Set",
"elements": [
"cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*"
]
},
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"18.1"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECDH": {
"ECDH": 13
},
"ECDSA": {
"ECDSA": 26
}
},
"FF": {
"DH": {
"DH": 4,
"Diffie-Hellman": 19
},
"DSA": {
"DSA": 3
}
},
"RSA": {
"RSA 2048": 14,
"RSA 4096": 8
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 13
},
"CTR": {
"CTR": 2
},
"GCM": {
"GCM": 11
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 3
}
},
"crypto_protocol": {
"IKE": {
"IKE": 28,
"IKEv1": 5,
"IKEv2": 8
},
"IPsec": {
"IPsec": 27
},
"SSH": {
"SSH": 33,
"SSHv2": 2
}
},
"crypto_scheme": {
"AEAD": {
"AEAD": 3
},
"KEX": {
"Key Exchange": 2
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-256": 50,
"P-384": 36,
"P-521": 8
}
},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#1": 1,
"#10": 1,
"#2742": 1,
"#2743": 1,
"#3612": 2,
"#3613": 2,
"#4": 1,
"#5": 1,
"#5454": 1,
"#5455": 1,
"#6": 1,
"#7": 1,
"#8": 1,
"#9": 1
}
},
"fips_certlike": {
"Certlike": {
"AES CBC 128/192/256": 5,
"AES Cert. #5454": 1,
"AES Cert. #5455": 1,
"DRBG 2": 1,
"HMAC Cert. #3612": 4,
"HMAC Cert. #3613": 4,
"HMAC SHA-1": 1,
"HMAC SHA-224": 1,
"HMAC SHA-256": 5,
"HMAC SHA1": 1,
"HMAC-SHA-1": 4,
"HMAC-SHA-1-96": 2,
"HMAC-SHA-256": 12,
"HMAC-SHA-384": 2,
"HMAC-SHA-512": 2,
"HMAC-SHA1-96": 1,
"RSA 2048": 14,
"RSA 4096": 8,
"SHA 1, 256": 1,
"SHA 256": 14,
"SHA 384": 2,
"SHA 512": 1,
"SHA-1": 9,
"SHA-224": 2,
"SHA-256": 17,
"SHA-384": 3,
"SHA-512": 3,
"SHA1": 3
}
},
"fips_security_level": {
"Level": {
"Level 1": 1,
"Level 2": 2,
"level 2": 1
}
},
"hash_function": {
"MD": {
"MD5": {
"MD5": 1
}
},
"SHA": {
"SHA1": {
"SHA-1": 9,
"SHA1": 3
},
"SHA2": {
"SHA-224": 2,
"SHA-256": 21,
"SHA-384": 2,
"SHA-512": 3
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 14
},
"RNG": {
"RNG": 2
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-2": 6,
"FIPS PUB 140-2": 1,
"FIPS140-2": 1
},
"NIST": {
"SP 800-135": 2,
"SP 800-67": 3,
"SP 800-90A": 7
},
"RFC": {
"RFC 2409": 1,
"RFC 4253": 1,
"RFC4106": 2,
"RFC5282": 1,
"RFC7296": 1
},
"X509": {
"X.509": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 28
},
"CAST": {
"CAST": 1
}
},
"DES": {
"3DES": {
"TDEA": 1,
"TDES": 3,
"Triple-DES": 25
},
"DES": {
"DES": 1
}
},
"constructions": {
"MAC": {
"HMAC": 25,
"HMAC-SHA-256": 6,
"HMAC-SHA-384": 1,
"HMAC-SHA-512": 1
}
},
"miscellaneous": {
"Blowfish": {
"Blowfish": 1
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Jennifer Brady",
"/CreationDate": "D:20181114115809-05\u002700\u0027",
"/Creator": "Microsoft\u00ae Word 2016",
"/ModDate": "D:20181114115809-05\u002700\u0027",
"/Producer": "Microsoft\u00ae Word 2016",
"/Subject": "FIPS 140-2 Security Policy Template",
"pdf_file_size_bytes": 1714655,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://www.juniper.net/assets/us/en/local/pdf/datasheets/1000628-en.pdf"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 27
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "d27047249973d3944ffc80baaf1ebf8bfc6cd8dddfabd56ff7bc165ee3dbed54",
"policy_txt_hash": "2038e02271c12bf56f1507ae66db32d7d904cefb06356160fa50bf503018f8e7"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode and with tamper evident seals installed as indicated in the Security Policy",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/Dec2018Cert.pdf",
"date_sunset": null,
"description": "The SRX4600 is a high-performance, next-generation firewall supporting cloud-enabled enterprise data center, campus or service provider networks. It offers high-scale security services while providing scalability, ease of management, secure connectivity, and advanced threat mitigation capabilities.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Roles, Services, and Authentication: Level 3",
"Design Assurance: Level 3",
"Mitigation of Other Attacks: N/A"
],
"fw_versions": "Junos OS 18.1R1",
"historical_reason": "SP 800-56Arev3 transition",
"hw_versions": "SRX4600-AC and SRX4600-DC with Tamper Seals JNPR-FIPS-TAMPER-LBLS",
"level": 2,
"mentioned_certs": {},
"module_name": "Juniper Networks SRX4600 Services Gateway",
"module_type": "Hardware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "historical",
"sw_versions": null,
"tested_conf": null,
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2018-12-04",
"lab": "Acumen Security",
"validation_type": "Initial"
}
],
"vendor": "Juniper Networks, Inc.",
"vendor_url": "http://www.juniper.net/"
}
}