Lenel OnGuard Access Control Cryptographic Module

Certificate #3566

Webpage information

Status historical
Historical reason Moved to historical list due to dependency on certificate #2606
Validation dates 18.11.2019
Standard FIPS 140-2
Security level 1
Type Software
Embodiment Multi-Chip Stand Alone
Caveat When operated in FIPS mode with Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows 10 for Surface Hub validated to FIPS 140-2 under Cert. #2606 operating in FIPS mode or Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 validated to FIPS 140-2 under Cert. #2937 operating in FIPS mode
Exceptions
  • Physical Security: N/A
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Description Lenel open platform security system integrates seamlessly with video, intrusion, access and fire products and offers remote access and management functionality, and is constantly evolving to meet changing mandates and guidelines. FICAM Architecture options include onboard authentication, ideal for new installations, or an add-on authentication module, perfect for retrofits and architectures where onboard authentication is not available. The OnGuard FICAM security management solution consists of Lenel OnGuard software, Lenel access and door controllers, and HID pivCLASS® software and readers.
Tested configurations
  • Microsoft Windows 10 64-bit running on Precision Workstation T3500 with an Intel Xeon W3670
  • Microsoft Windows Server 2016 64-bit running on Precision Workstation T3500 with an Intel Xeon W3530 (single-user mode)
Vendor UTC Fire & Security Americas Corporation, Inc.
References

This certificate's webpage directly references 2 certificates, transitively this expands into 27 certificates.

Security policy

Symmetric Algorithms
AES, AES-128, AES-256, RC2, HMAC
Asymmetric Algorithms
RSA-1024, RSA-2048, RSA 2048, RSA 4096
Hash functions
SHA-1, SHA-256, SHA-384, SHA-512
Schemes
Key Exchange
Protocols
TLS, TLS v1.1, TLS 1.2
Randomness
DRBG, RNG
Block cipher modes
ECB, CBC, CTR
TLS cipher suites
TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA384, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA384

Vendor
Microsoft

Security level
Level 1

Standards
FIPS 140-2, FIPS 197, FIPS PUB 140-2, SP 800-56B, SP 800-90A, PKCS1

File metadata

Title Microsoft Word - 712m - 7.5.375.1 - Lenel Security Policy.docx
Author lgarcia
Creation date D:20191114101039-08'00'
Modification date D:20191114101039-08'00'
Pages 21
Creator PScript5.dll Version 5.2.2
Producer Acrobat Distiller 17.0 (Windows)

References

Outgoing
  • 2606 - historical - Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows 10 for Surface Hub
  • 2937 - historical - Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016, Azure Host OS (version 1.65)

Heuristics

No heuristics are available for this certificate.

References

Loading...

Updates Feed

  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate was first processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 3566,
  "dgst": "7d2371aaf1df1dcb",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "AES#4064",
        "SHS#2886",
        "HMAC#2233",
        "CVL#575",
        "SHS#3347",
        "HMAC#2651",
        "DRBG#1217",
        "KTS#C500",
        "RSA#1783",
        "RSA#2193",
        "AES#3497",
        "CVL#886",
        "DRBG#868",
        "AES#C500"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "-"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "2606",
          "2937"
        ]
      },
      "indirectly_referenced_by": null,
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "2701",
          "3451",
          "3437",
          "3502",
          "2606",
          "3501",
          "2935",
          "3447",
          "3469",
          "2601",
          "3426",
          "3510",
          "2931",
          "2604",
          "3487",
          "2605",
          "2600",
          "3464",
          "2936",
          "2933",
          "2602",
          "3427",
          "2937",
          "3415",
          "2702",
          "2700",
          "2932"
        ]
      }
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": [
        "2606",
        "2937"
      ]
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "2606",
          "2937"
        ]
      },
      "indirectly_referenced_by": null,
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "3652",
          "2701",
          "3451",
          "3646",
          "3437",
          "3502",
          "2606",
          "3501",
          "2935",
          "3447",
          "3469",
          "2601",
          "3426",
          "3510",
          "2931",
          "2604",
          "3487",
          "2605",
          "2600",
          "3464",
          "2936",
          "2933",
          "2602",
          "3427",
          "2937",
          "3553",
          "3415",
          "2702",
          "2700",
          "2932"
        ]
      }
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": [
        "2606",
        "2937"
      ]
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "RSA": {
          "RSA 2048": 2,
          "RSA 4096": 1,
          "RSA-1024": 2,
          "RSA-2048": 1
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 6
        },
        "CTR": {
          "CTR": 2
        },
        "ECB": {
          "ECB": 3
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "TLS": {
          "TLS": {
            "TLS": 48,
            "TLS 1.2": 1,
            "TLS v1.1": 3
          }
        }
      },
      "crypto_scheme": {
        "KEX": {
          "Key Exchange": 2
        }
      },
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "fips_cert_id": {
        "Cert": {
          "#1217": 3,
          "#1783": 1,
          "#2193": 1,
          "#2233": 1,
          "#2606": 4,
          "#2651": 1,
          "#2937": 4,
          "#3497": 1,
          "#4064": 1,
          "#868": 3
        }
      },
      "fips_certlike": {
        "Certlike": {
          "AES-128": 1,
          "AES-128/ 256": 1,
          "AES-256": 1,
          "HMAC SHA-1 (160": 1,
          "HMAC SHA-256": 1,
          "HMAC SHA-384": 1,
          "PKCS1": 4,
          "RSA 2048": 2,
          "RSA 4096": 1,
          "SHA-1": 1,
          "SHA-1 (160": 1,
          "SHA-256": 5,
          "SHA-384": 1,
          "SHA-512": 1
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 2
        }
      },
      "hash_function": {
        "SHA": {
          "SHA1": {
            "SHA-1": 2
          },
          "SHA2": {
            "SHA-256": 5,
            "SHA-384": 1,
            "SHA-512": 1
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 22
        },
        "RNG": {
          "RNG": 3
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140-2": 13,
          "FIPS 197": 2,
          "FIPS PUB 140-2": 1
        },
        "NIST": {
          "SP 800-56B": 1,
          "SP 800-90A": 4
        },
        "PKCS": {
          "PKCS1": 2
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 17,
            "AES-128": 1,
            "AES-256": 1
          },
          "RC": {
            "RC2": 1
          }
        },
        "constructions": {
          "MAC": {
            "HMAC": 7
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {
        "TLS": {
          "TLS_RSA_WITH_AES_128_CBC_SHA": 1,
          "TLS_RSA_WITH_AES_128_CBC_SHA256": 1,
          "TLS_RSA_WITH_AES_128_CBC_SHA384": 1,
          "TLS_RSA_WITH_AES_256_CBC_SHA": 1,
          "TLS_RSA_WITH_AES_256_CBC_SHA256": 1,
          "TLS_RSA_WITH_AES_256_CBC_SHA384": 1
        }
      },
      "vendor": {
        "Microsoft": {
          "Microsoft": 11
        }
      },
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "lgarcia",
      "/CreationDate": "D:20191114101039-08\u002700\u0027",
      "/Creator": "PScript5.dll Version 5.2.2",
      "/ModDate": "D:20191114101039-08\u002700\u0027",
      "/Producer": "Acrobat Distiller 17.0 (Windows)",
      "/Title": "Microsoft Word - 712m - 7.5.375.1 - Lenel Security Policy.docx",
      "pdf_file_size_bytes": 193496,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 21
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.InternalState",
    "module": {
      "_type": "sec_certs.sample.document_state.DocumentState",
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "json_hash": null,
      "source_hash": null,
      "txt_hash": null
    },
    "policy": {
      "_type": "sec_certs.sample.document_state.DocumentState",
      "convert_ok": true,
      "download_ok": true,
      "extract_ok": true,
      "json_hash": null,
      "source_hash": "ad1919ebe554de8f7094b08cfba763c182ba44fcbe994ac17f7e286fc006044e",
      "txt_hash": "0a80ccc662c984ca59e92e16d1fea98a4a115110c5e8cb72324fa33908f167f1"
    }
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in FIPS mode with Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows 10 for Surface Hub validated to FIPS 140-2 under Cert. #2606 operating in FIPS mode or Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) in Microsoft Windows 10, Windows 10 Pro, Windows 10 Enterprise, Windows 10 Enterprise LTSB, Windows 10 Mobile, Windows Server 2016 Standard, Windows Server 2016 Datacenter, Windows Storage Server 2016 validated to FIPS 140-2 under Cert. #2937 operating in FIPS mode",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/FIPS140ConsolidatedCertNov2019.pdf",
    "date_sunset": null,
    "description": "Lenel open platform security system integrates seamlessly with video, intrusion, access and fire products and offers remote access and management functionality, and is constantly evolving to meet changing mandates and guidelines. FICAM Architecture options include onboard authentication, ideal for new installations, or an add-on authentication module, perfect for retrofits and architectures where onboard authentication is not available. The OnGuard FICAM security management solution consists of Lenel OnGuard software, Lenel access and door controllers, and HID pivCLASS\u00ae software and readers.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Physical Security: N/A",
      "Design Assurance: Level 3",
      "Mitigation of Other Attacks: N/A"
    ],
    "fw_versions": null,
    "historical_reason": "Moved to historical list due to dependency on certificate #2606",
    "hw_versions": null,
    "level": 1,
    "mentioned_certs": {
      "2606": 1,
      "2937": 1
    },
    "module_name": "Lenel OnGuard Access Control Cryptographic Module",
    "module_type": "Software",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "historical",
    "sw_versions": "7.4.457.69 with Critical On-Demand Hot Fix for DE40714 or 7.5.375.1",
    "tested_conf": [
      "Microsoft Windows 10 64-bit running on Precision Workstation T3500 with an Intel Xeon W3670",
      "Microsoft Windows Server 2016 64-bit running on Precision Workstation T3500 with an Intel Xeon W3530 (single-user mode)"
    ],
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2019-11-18",
        "lab": "UL Verification Services, Inc.",
        "validation_type": "Initial"
      }
    ],
    "vendor": "UTC Fire \u0026 Security Americas Corporation, Inc.",
    "vendor_url": "http://www.lenel.com"
  }
}