This page was not yet optimized for use on mobile
devices.
Juniper Networks MX240, MX480, MX960, MX2010, MX2020 3D Universal Edge Routers and EX9204, EX9208, EX9214 Ethernet Switches with RE1800 Routing Engine
Certificate #3416
Webpage information
Security policy
Symmetric Algorithms
AES, CAST, Triple-DES, Blowfish, HMAC, HMAC-SHA-256, HMAC-SHA-512Asymmetric Algorithms
ECDH, ECDSA, Diffie-Hellman, DH, DSAHash functions
SHA-1, SHA-256, SHA-512, SHA-384, MD5Schemes
Key ExchangeProtocols
SSH, SSHv2Randomness
DRBG, RNGLibraries
OpenSSLElliptic Curves
P-256, P-384, P-521Block cipher modes
CBC, CTRSecurity level
Level 1, level 1Standards
FIPS 140-2, FIPS140-2, FIPS PUB 140-2, SP 800-135, SP 800-90A, SP 800-67, RFC 4253, X.509File metadata
| Subject | FIPS 140-2 Security Policy Template |
|---|---|
| Author | Jennifer Brady |
| Creation date | D:20190228190145-05'00' |
| Modification date | D:20190228190145-05'00' |
| Pages | 23 |
| Creator | Microsoft® Word for Office 365 |
| Producer | Microsoft® Word for Office 365 |
Heuristics
Automated inference - use with caution
All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.CPE matches
- cpe:2.3:h:juniper:ex9204:-:*:*:*:*:*:*:*
- cpe:2.3:h:juniper:ex9208:-:*:*:*:*:*:*:*
- cpe:2.3:h:juniper:ex9214:-:*:*:*:*:*:*:*
- cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:*
- cpe:2.3:h:juniper:mx2020:-:*:*:*:*:*:*:*
- cpe:2.3:h:juniper:mx240:-:*:*:*:*:*:*:*
- cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*
- cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*
References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 3416,
"dgst": "71eebf8f5760b70c",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"KTS#2622",
"DRBG#1896",
"HMAC#3394",
"SHS#4140",
"CVL#1641",
"DRBG#1895",
"HMAC#3393",
"Triple-DES#2622",
"AES#5089",
"HMAC#3392",
"KTS#3392",
"SHS#4139",
"ECDSA#1319",
"SHS#4138"
]
},
"cpe_matches": {
"_type": "Set",
"elements": [
"cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:*",
"cpe:2.3:h:juniper:ex9208:-:*:*:*:*:*:*:*",
"cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*",
"cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*",
"cpe:2.3:h:juniper:mx2020:-:*:*:*:*:*:*:*",
"cpe:2.3:h:juniper:ex9214:-:*:*:*:*:*:*:*",
"cpe:2.3:h:juniper:ex9204:-:*:*:*:*:*:*:*",
"cpe:2.3:h:juniper:mx240:-:*:*:*:*:*:*:*"
]
},
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"17.3"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECDH": {
"ECDH": 10
},
"ECDSA": {
"ECDSA": 18
}
},
"FF": {
"DH": {
"DH": 1,
"Diffie-Hellman": 5
},
"DSA": {
"DSA": 2
}
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 3
},
"CTR": {
"CTR": 2
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 4
}
},
"crypto_protocol": {
"SSH": {
"SSH": 35,
"SSHv2": 2
}
},
"crypto_scheme": {
"KEX": {
"Key Exchange": 1
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-256": 30,
"P-384": 12,
"P-521": 14
}
},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#2622": 1,
"#3392": 2,
"#5089": 1
}
},
"fips_certlike": {
"Certlike": {
"AES (128": 1,
"AES CBC 128/192/256": 1,
"AES Cert. #5089": 1,
"HMAC Cert. #3392": 4,
"HMAC SHA-1": 1,
"HMAC SHA-256": 2,
"HMAC SHA-256 1319": 1,
"HMAC-SHA-1": 6,
"HMAC-SHA-256": 4,
"HMAC-SHA-512": 4,
"SHA 1, 256": 1,
"SHA 256": 3,
"SHA-1": 7,
"SHA-256": 6,
"SHA-384": 2,
"SHA-512": 3
}
},
"fips_security_level": {
"Level": {
"Level 1": 3,
"level 1": 1
}
},
"hash_function": {
"MD": {
"MD5": {
"MD5": 1
}
},
"SHA": {
"SHA1": {
"SHA-1": 7
},
"SHA2": {
"SHA-256": 9,
"SHA-384": 1,
"SHA-512": 3
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 10
},
"RNG": {
"RNG": 2
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-2": 9,
"FIPS PUB 140-2": 1,
"FIPS140-2": 1
},
"NIST": {
"SP 800-135": 1,
"SP 800-67": 1,
"SP 800-90A": 4
},
"RFC": {
"RFC 4253": 2
},
"X509": {
"X.509": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 6
},
"CAST": {
"CAST": 1
}
},
"DES": {
"3DES": {
"Triple-DES": 7
}
},
"constructions": {
"MAC": {
"HMAC": 16,
"HMAC-SHA-256": 3,
"HMAC-SHA-512": 1
}
},
"miscellaneous": {
"Blowfish": {
"Blowfish": 1
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Jennifer Brady",
"/CreationDate": "D:20190228190145-05\u002700\u0027",
"/Creator": "Microsoft\u00ae Word for Office 365",
"/ModDate": "D:20190228190145-05\u002700\u0027",
"/Producer": "Microsoft\u00ae Word for Office 365",
"/Subject": "FIPS 140-2 Security Policy Template",
"pdf_file_size_bytes": 753971,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://www.juniper.net/assets/us/en/local/pdf/datasheets/1000597-en.pdf",
"https://www.juniper.net/assets/us/en/local/pdf/datasheets/1000417-en.pdf",
"http://www.juniper.net/",
"https://www.juniper.net/us/en/local/pdf/datasheets/1000432-en.pdf"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 23
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_json_hash": null,
"policy_pdf_hash": "8552ebde1cb8e26adb4633178efc93a4453ea2e072443c96c917851fdaa9983a",
"policy_txt_hash": "0937f5d9a4035b6917ca6640b621668c8492ce22e787d9d719365b544c9dedbb"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 1.2 and 6 of the Security Policy",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/FIPSConsolidatedMarch2019.pdf",
"date_sunset": null,
"description": "Juniper Networks MX Series is a robust portfolio of SDN enabled routing platforms that provide industry leading system capacity,density,security and performance .RE1800 routing engines provide enhanced scaling and performance. Juniper Networks EX9200 series Ethernet Switches provide high performance, scalable connectivity, and carrier-class reliability for high-density environments with a a full suite of Layer 2 and Layer 3 switching capabilities along with firewall filters, multicast, hardware tunneling and Qos.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Roles, Services, and Authentication: Level 3",
"Design Assurance: Level 3",
"Mitigation of Other Attacks: N/A"
],
"fw_versions": "Junos OS 17.3R2",
"historical_reason": "SP 800-56Arev3 transition",
"hw_versions": "MX240, MX480, MX960, MX2010, MX2020, EX9204, EX9208 and EX9214 with components identified in Security Policy Table 1",
"level": 1,
"mentioned_certs": {},
"module_name": "Juniper Networks MX240, MX480, MX960, MX2010, MX2020 3D Universal Edge Routers and EX9204, EX9208, EX9214 Ethernet Switches with RE1800 Routing Engine",
"module_type": "Hardware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "historical",
"sw_versions": null,
"tested_conf": null,
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2019-03-25",
"lab": "Acumen Security",
"validation_type": "Initial"
}
],
"vendor": "Juniper Networks, Inc.",
"vendor_url": "http://www.juniper.net/"
}
}