This page was not yet optimized for use on mobile
devices.
MX240, MX480, and MX960 3D Universal Edge Routers with the Multiservices MPC and Junos 14.2X4-D10.11
Certificate #2690
Webpage information
Security policy
Symmetric Algorithms
AES, AES-128, AES-192, AES-, AES-256, Triple-DES, HMAC, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512Asymmetric Algorithms
RSA 2048, ECDH, ECDSA, Diffie-Hellman, DH, DSAHash functions
SHA-1, SHA-256, SHA-384, SHA-512, SHA-2, MD5Schemes
Key ExchangeProtocols
SSH, SSHv2, IKE, IKEv1, IKEv2, IPsec, VPNRandomness
DRBG, RNGLibraries
OpenSSLElliptic Curves
P-256, P-384, P-521Block cipher modes
CBC, CTRSecurity level
Level 2, Level 1Standards
FIPS 140-2, FIPS140-2, FIPS PUB 140-2, SP 800-90A, X.509File metadata
| Subject | FIPS 140-2 Security Policy Template |
|---|---|
| Author | Steve Weymann |
| Creation date | D:20170501080010-07'00' |
| Modification date | D:20170501080835-07'00' |
| Pages | 22 |
| Creator | Microsoft® Word 2010 |
| Producer | Microsoft® Word 2010 |
Heuristics
Automated inference - use with caution
All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 2690,
"dgst": "8ba89f83a1974503",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"DSA#1079",
"SHS#3262",
"ECDSA#870",
"SHS#3261",
"Triple-DES#2168",
"DRBG#1157",
"SHS#3264",
"HMAC#2578",
"CVL#791",
"ECDSA#869",
"HMAC#2575",
"Triple-DES#2167",
"HMAC#2577",
"SHS#3263",
"DRBG#1158",
"CVL#792",
"AES#3955",
"AES#3957",
"RSA#2020",
"DSA#1078",
"HMAC#2576",
"Triple-DES#2166",
"RSA#2019",
"AES#3956"
]
},
"cpe_matches": {
"_type": "Set",
"elements": [
"cpe:2.3:h:juniper:mx480:-:*:*:*:*:*:*:*",
"cpe:2.3:h:juniper:mx960:-:*:*:*:*:*:*:*",
"cpe:2.3:h:juniper:mx240:-:*:*:*:*:*:*:*"
]
},
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"14.2",
"10.11"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECDH": {
"ECDH": 9
},
"ECDSA": {
"ECDSA": 21
}
},
"FF": {
"DH": {
"DH": 5,
"Diffie-Hellman": 12
},
"DSA": {
"DSA": 4
}
},
"RSA": {
"RSA 2048": 5
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 45
},
"CTR": {
"CTR": 4
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 4
}
},
"crypto_protocol": {
"IKE": {
"IKE": 15,
"IKEv1": 1,
"IKEv2": 1
},
"IPsec": {
"IPsec": 10
},
"SSH": {
"SSH": 28,
"SSHv2": 3
},
"VPN": {
"VPN": 3
}
},
"crypto_scheme": {
"KEX": {
"Key Exchange": 2
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-256": 38,
"P-384": 16,
"P-521": 10
}
},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#2578": 1
}
},
"fips_certlike": {
"Certlike": {
"AES CBC 128": 2,
"AES CBC 128, 192": 3,
"AES CBC 192": 1,
"AES CBC 256": 2,
"AES CTR 128": 1,
"AES CTR 256": 1,
"AES- 256": 1,
"AES-128": 3,
"AES-192": 3,
"AES-256": 2,
"DES3": 6,
"HMAC Cert. #2578": 2,
"HMAC-SHA- 1-96": 1,
"HMAC-SHA- 512": 2,
"HMAC-SHA-1": 16,
"HMAC-SHA-1-96": 4,
"HMAC-SHA-256": 18,
"HMAC-SHA-256 256": 4,
"HMAC-SHA-384": 6,
"HMAC-SHA-512": 6,
"HMAC-SHA1": 6,
"RSA 2048": 5,
"SHA- 256": 1,
"SHA-1 80": 3,
"SHA-2": 1,
"SHA-256": 10,
"SHA-384": 3,
"SHA-512": 1,
"SHA-512 256": 3
}
},
"fips_security_level": {
"Level": {
"Level 1": 2,
"Level 2": 1
}
},
"hash_function": {
"MD": {
"MD5": {
"MD5": 1
}
},
"SHA": {
"SHA1": {
"SHA-1": 3
},
"SHA2": {
"SHA-2": 1,
"SHA-256": 12,
"SHA-384": 3,
"SHA-512": 4
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 8
},
"RNG": {
"RNG": 3
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-2": 6,
"FIPS PUB 140-2": 1,
"FIPS140-2": 1
},
"NIST": {
"SP 800-90A": 3
},
"X509": {
"X.509": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 37,
"AES-": 1,
"AES-128": 3,
"AES-192": 3,
"AES-256": 2
}
},
"DES": {
"3DES": {
"Triple-DES": 13
}
},
"constructions": {
"MAC": {
"HMAC": 6,
"HMAC-SHA-256": 11,
"HMAC-SHA-384": 3,
"HMAC-SHA-512": 3
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Steve Weymann",
"/CreationDate": "D:20170501080010-07\u002700\u0027",
"/Creator": "Microsoft\u00ae Word 2010",
"/ModDate": "D:20170501080835-07\u002700\u0027",
"/Producer": "Microsoft\u00ae Word 2010",
"/Subject": "FIPS 140-2 Security Policy Template",
"pdf_file_size_bytes": 1082904,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://www.juniper.net/us/en/local/pdf/datasheets/1000208-en.pdf",
"http://www.juniper.net/documentation/en_US/junos15.1/topics/concept/ms-mic-and-mpc-overview.html",
"http://www.juniper.net/"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 22
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_json_hash": null,
"policy_pdf_hash": "11e3d1976f326e123cf8c1cef274c4f24176dcaaa39fd8cbcc1a81ca10218b90",
"policy_txt_hash": "9416dae88bce3774451ca706a13581ede15eab61e98ef995fda64566ea71a19b"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/FIPS140ConsolidatedCertJuly2016.pdf",
"date_sunset": null,
"description": "The MX 3D Universal Edge Routers deliver high performance, reliability, and scale to enable a cost-effective solution. Key features include support for a wide range of L2/L3 VPN services and advanced broadband network gateway functions, along with integrated routing, switching and security services.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Roles, Services, and Authentication: Level 3",
"Design Assurance: Level 3",
"Mitigation of Other Attacks: N/A"
],
"fw_versions": "Junos 14.2X4-D10.11",
"historical_reason": "Moved to historical list due to sunsetting",
"hw_versions": "MX240, MX480 and MX960 with components identified in Security Policy Table 1",
"level": 1,
"mentioned_certs": {},
"module_name": "MX240, MX480, and MX960 3D Universal Edge Routers with the Multiservices MPC and Junos 14.2X4-D10.11",
"module_type": "Hardware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "historical",
"sw_versions": null,
"tested_conf": null,
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2016-07-28",
"lab": "UL Verification Services, Inc.",
"validation_type": "Initial"
},
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2017-05-02",
"lab": "UL Verification Services, Inc.",
"validation_type": "Update"
}
],
"vendor": "Juniper Networks, Inc.",
"vendor_url": "http://www.juniper.net"
}
}