This page was not yet optimized for use on mobile
devices.
FortiGate-5001D Blade with FortiGate-5144C Chassis
Certificate #3240
Webpage information
Security policy
Symmetric Algorithms
AES-256, AES, Triple-DES, HMAC, HMAC-SHA-256Asymmetric Algorithms
ECDSA, Diffie-HellmanHash functions
SHA-1, SHA1, SHA-256, SHA-384, SHA-512, MD5Schemes
Key agreementProtocols
SSH, SSL, TLS 1.2, TLS, TLS 1.1, IKE, IKEv2, IPsec, VPNRandomness
DRBG, RBGElliptic Curves
P-256, P-384, P-521, secp256r1, secp384r1, secp521r1Block cipher modes
CBC, CTR, GCMSecurity level
Level 2, level 2Certification process
out of scope, is FortiOS 5.4, b9791, 170802. Any firmware version that is not shown on the module certificate is out of scope of this validation and requires a separate FIPS 140-2 validation. Figure 2 is representative of theStandards
FIPS 140-2, FIPS140-2, NIST SP 800-90A, NIST SP 800-133, SP 800-52, PKCS1, RFC 5246, RFC 5288File metadata
| Title | FortiOS 5.4 FIPS Level 2- 5000 Series Security Policy |
|---|---|
| Author | Fortinet Technical Documentation |
| Creation date | D:20180712160539-04'00' |
| Modification date | D:20180712160539-04'00' |
| Pages | 36 |
| Producer | madbuild |
Heuristics
Automated inference - use with caution
All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 3240,
"dgst": "8e690b5f73876692",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"AES#4628",
"AES#4604",
"SHS#3777",
"SHS#3779",
"CVL#1329",
"CVL#1287",
"HMAC#3063",
"ECDSA#1137",
"RSA#2526",
"SHS#3792",
"HMAC#3052",
"CVL#1288",
"KTS#4628",
"AES#4602",
"DRBG#1543",
"RSA#2510",
"ECDSA#1129",
"CVL#1272",
"KTS#3063",
"HMAC#3050"
]
},
"cpe_matches": {
"_type": "Set",
"elements": [
"cpe:2.3:h:fortinet:fortigate_5001d:-:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortigate_5144c:-:*:*:*:*:*:*:*"
]
},
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"5.4"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECDSA": {
"ECDSA": 11
}
},
"FF": {
"DH": {
"Diffie-Hellman": 15
}
}
},
"certification_process": {
"OutOfScope": {
"is FortiOS 5.4, b9791, 170802. Any firmware version that is not shown on the module certificate is out of scope of this validation and requires a separate FIPS 140-2 validation. Figure 2 is representative of the": 1,
"out of scope": 1
}
},
"cipher_mode": {
"CBC": {
"CBC": 6
},
"CTR": {
"CTR": 1
},
"GCM": {
"GCM": 8
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKE": 26,
"IKEv2": 1
},
"IPsec": {
"IPsec": 26
},
"SSH": {
"SSH": 16
},
"TLS": {
"SSL": {
"SSL": 3
},
"TLS": {
"TLS": 10,
"TLS 1.1": 1,
"TLS 1.2": 1
}
},
"VPN": {
"VPN": 25
}
},
"crypto_scheme": {
"KA": {
"Key agreement": 2
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-256": 10,
"P-384": 8,
"P-521": 8,
"secp256r1": 1,
"secp384r1": 1,
"secp521r1": 1
}
},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#1272": 3,
"#1287": 3,
"#3063": 1,
"#4628": 1
}
},
"fips_certlike": {
"Certlike": {
"AES Cert. #4628": 1,
"AES-256": 1,
"HMAC Cert. #3063": 2,
"HMAC SHA-1": 6,
"HMAC SHA-1 3050": 1,
"HMAC SHA-256": 9,
"HMAC SHA-256 3050": 1,
"HMAC SHA-384": 2,
"HMAC SHA-384 3050": 1,
"HMAC SHA-512": 2,
"HMAC SHA-512 3050": 1,
"HMAC-SHA-256": 2,
"PKCS1": 1,
"RSA PKCS1": 1,
"SHA-1": 10,
"SHA-1 3050": 1,
"SHA-1 3777": 1,
"SHA-256": 12,
"SHA-384": 5,
"SHA-512": 3,
"SHA-512 3050": 1,
"SHA-512 3777": 1,
"SHA1": 1
}
},
"fips_security_level": {
"Level": {
"Level 2": 7,
"level 2": 2
}
},
"hash_function": {
"MD": {
"MD5": {
"MD5": 1
}
},
"SHA": {
"SHA1": {
"SHA-1": 12,
"SHA1": 1
},
"SHA2": {
"SHA-256": 12,
"SHA-384": 5,
"SHA-512": 5
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 30
},
"RNG": {
"RBG": 1
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-2": 22,
"FIPS140-2": 1
},
"NIST": {
"NIST SP 800-133": 1,
"NIST SP 800-90A": 2,
"SP 800-52": 1
},
"PKCS": {
"PKCS1": 1
},
"RFC": {
"RFC 5246": 1,
"RFC 5288": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 26,
"AES-256": 1
}
},
"DES": {
"3DES": {
"Triple-DES": 2
}
},
"constructions": {
"MAC": {
"HMAC": 24,
"HMAC-SHA-256": 1
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Fortinet Technical Documentation",
"/CreationDate": "D:20180712160539-04\u002700\u0027",
"/Keywords": "",
"/ModDate": "D:20180712160539-04\u002700\u0027",
"/Producer": "madbuild",
"/Subject": "",
"/Title": "FortiOS 5.4 FIPS Level 2- 5000 Series Security Policy",
"pdf_file_size_bytes": 8299811,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://fortiguard.com/",
"https://www.fortinet.com/support-and-training/training.html",
"http://forticast.fortinet.com/",
"http://fortiguard.com/",
"https://support.fortinet.com/",
"https://training.fortinet.com/",
"http://www.fortinet.com/contact",
"http://kb.fortinet.com/",
"http://cookbook.fortinet.com/",
"https://video.fortinet.com/",
"http://csrc.nist.gov/groups/STM/cmvp/index.html",
"https://www.fortinet.com/doc/legal/EULA.pdf",
"http://www.fortinet.com/support",
"http://cookbook.fortinet.com/how-to-work-with-fortinet-support/",
"https://docs.fortinet.com/",
"http://docs.fortinet.com/",
"http://www.fortinet.com/products",
"https://blog.fortinet.com/"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 36
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_json_hash": null,
"policy_pdf_hash": "8c883220adfb0a5ca286a1d88be300071b55854fa4691340ea919b6b347ea2f4",
"policy_txt_hash": "a7fd909b86fb153193dd7fc7e9b3a4a00339aae401067430c9adbfbfe11ad029"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy and configured according to the Entropy Token Section of the Security Policy. No assurance of the minimum strength of generated keys",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/JulyConsolidatedCert.pdf",
"date_sunset": null,
"description": "The FortiOS is a firmware based operating system that runs exclusively on Fortinet\u0027s FortiGate/FortiWiFi product family. The FortiOS provides integrated firewall, VPN, antivirus, antispam, intrusion prevention, content filtering and traffic shaping and HA capabilities.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Cryptographic Module Ports and Interfaces: Level 3",
"Roles, Services, and Authentication: Level 3",
"Design Assurance: Level 3"
],
"fw_versions": "FortiOS 5.4, b9791, 170802",
"historical_reason": "SP 800-56Arev3 transition",
"hw_versions": "Blade: C1AA92; Chassis: C1AB98; Front Filler Panel: PN P16708-01: thirteen; Rear Filler Panel: PN P16710-01: fourteen; with Tamper Evident Seal Kits: FIPS-SEAL-RED",
"level": 2,
"mentioned_certs": {},
"module_name": "FortiGate-5001D Blade with FortiGate-5144C Chassis",
"module_type": "Hardware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "historical",
"sw_versions": null,
"tested_conf": null,
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2018-07-24",
"lab": "CGI Information Systems \u0026 Management Consultants Inc",
"validation_type": "Initial"
}
],
"vendor": "Fortinet, Inc.",
"vendor_url": "http://www.fortinet.com"
}
}