This page was not yet optimized for use on mobile devices.
WildFire 11.0 WF-500 and WF-500-B
Certificate #4917
Webpage information ?
Security policy ?
Symmetric Algorithms
AES, CAST, DES, HMAC, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512, CMACAsymmetric Algorithms
RSA 2048, RSA 3072, RSA 4096, ECDHE, ECDH, ECDSA, ECC, Diffie-Hellman, DHE, DHHash functions
SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA2Schemes
Key ExchangeProtocols
SSH, TLS v1.2, TLS1.2, TLS, TLS 1.2, TLSv1.0, IKEv2, IPsec, VPNRandomness
DRBG, RNGElliptic Curves
P-256, P-384, P-521Block cipher modes
ECB, CBC, CTR, GCM, CCMTLS cipher suites
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384Security level
level 2, Level 2, Level 1Standards
FIPS 140-3, FIPS 186-4, FIPS 198-1, FIPS 180-4, SP 800-90B, SP 800-38A, SP 800-38D, SP 800-38F, SP 800-52, SP 800-63B, SP 800-140F, SP 800-56A, PKCS#1, RFC 3526, RFC7627, RFC 5288, RFC 5246, RFC 5282, ISO/IEC 24759File metadata
| Modification date | D:20241122102120--05'00 |
|---|---|
| Pages | 38 |
| Producer | Skia/PDF m132 Google Docs Renderer |
Heuristics ?
No heuristics are available for this certificate.
References ?
No references are available for this certificate.
Updates ?
-
16.12.2024 The certificate was first processed.
New certificate
A new FIPS 140 certificate with the product name was processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4917,
"dgst": "8eebb0799014a388",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"SHA2-512A3453",
"ECDSA SigVer (FIPS186-4)A3453",
"KDF IKEv2A3453",
"KAS-ECC-SSC Sp800-56Ar3A3453",
"HMAC-SHA-1A3453",
"HMAC-SHA2-224A3453",
"HMAC-SHA2-384A3453",
"SHA-1A3453",
"RSA KeyGen (FIPS186-4)A3453",
"KDF SSHA3453",
"KAS-FFC-SSC Sp800-56Ar3A3453",
"Counter DRBGA3453",
"SHA2-256A3453",
"AES-GCMA3453",
"RSA SigGen (FIPS186-4)A3453",
"Safe Primes Key GenerationA3453",
"KDF SNMPA3453",
"ECDSA KeyVer (FIPS186-4)A3453",
"AES-CTRA3453",
"AES-CFB128A3453",
"SHA2-224A3453",
"ECDSA KeyGen (FIPS186-4)A3453",
"SHA2-384A3453",
"HMAC-SHA2-256A3453",
"Safe Primes Key VerificationA3453",
"AES-CBCA3453",
"RSA SigVer (FIPS186-4)A3453",
"Conditioning Component AES-CBC-MAC SP800-90BA2518",
"ECDSA SigGen (FIPS186-4)A3453",
"HMAC-SHA2-512A3453",
"TLS v1.2 KDF RFC7627A3453"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"11.0",
"11.0.4"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 1
},
"ECDH": {
"ECDH": 13,
"ECDHE": 4
},
"ECDSA": {
"ECDSA": 79
}
},
"FF": {
"DH": {
"DH": 5,
"DHE": 4,
"Diffie-Hellman": 11
}
},
"RSA": {
"RSA 2048": 12,
"RSA 3072": 3,
"RSA 4096": 3
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 4
},
"CCM": {
"CCM": 2
},
"CTR": {
"CTR": 5
},
"ECB": {
"ECB": 2
},
"GCM": {
"GCM": 14
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKEv2": 15
},
"IPsec": {
"IPsec": 2
},
"SSH": {
"SSH": 80
},
"TLS": {
"TLS": {
"TLS": 56,
"TLS 1.2": 2,
"TLS v1.2": 18,
"TLS1.2": 1,
"TLSv1.0": 1
}
},
"VPN": {
"VPN": 7
}
},
"crypto_scheme": {
"KEX": {
"Key Exchange": 8
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-256": 52,
"P-384": 42,
"P-521": 36
}
},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#10": 1,
"#11": 2,
"#12": 2,
"#13": 1,
"#18": 1,
"#19": 1,
"#5": 1,
"#6": 1,
"#7": 1,
"#8": 1,
"#9": 1
}
},
"fips_certlike": {
"Certlike": {
"AES (128": 1,
"AES 256": 3,
"HMAC-SHA -1": 6,
"HMAC-SHA-1": 24,
"HMAC-SHA-256": 10,
"HMAC-SHA-384": 2,
"HMAC-SHA-512": 2,
"PKCS#1": 4,
"RSA 2048": 12,
"RSA 3072": 3,
"RSA 4096": 3,
"SHA-1": 6,
"SHA-256": 10,
"SHA-384": 1,
"SHA-512": 3,
"SHA2": 4,
"SHA2-224": 3,
"SHA2-256": 8,
"SHA2-384": 5,
"SHA2-512": 5
}
},
"fips_security_level": {
"Level": {
"Level 1": 1,
"Level 2": 2,
"level 2": 1
}
},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 6
},
"SHA2": {
"SHA-224": 1,
"SHA-256": 11,
"SHA-384": 2,
"SHA-512": 4,
"SHA2": 4
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 52
},
"RNG": {
"RNG": 1
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-3": 9,
"FIPS 180-4": 5,
"FIPS 186-4": 96,
"FIPS 198-1": 6
},
"ISO": {
"ISO/IEC 24759": 2
},
"NIST": {
"SP 800-140F": 1,
"SP 800-38A": 4,
"SP 800-38D": 2,
"SP 800-38F": 4,
"SP 800-52": 1,
"SP 800-56A": 18,
"SP 800-63B": 2,
"SP 800-90B": 9
},
"PKCS": {
"PKCS#1": 2
},
"RFC": {
"RFC 3526": 2,
"RFC 5246": 1,
"RFC 5282": 1,
"RFC 5288": 2,
"RFC7627": 17
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 17
},
"CAST": {
"CAST": 1
}
},
"DES": {
"DES": {
"DES": 1
}
},
"constructions": {
"MAC": {
"CMAC": 1,
"HMAC": 19,
"HMAC-SHA-256": 5,
"HMAC-SHA-384": 1,
"HMAC-SHA-512": 1
}
}
},
"tee_name": {},
"tls_cipher_suite": {
"TLS": {
"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256": 1,
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384": 1,
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256": 1,
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384": 1
}
},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/ModDate": "D:20241122102120--05\u002700",
"/Producer": "Skia/PDF m132 Google Docs Renderer",
"/Title": "",
"pdf_file_size_bytes": 2382527,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"http://www.paloaltonetworks.com",
"https://docs.paloaltonetworks.com/content/dam/techdocs/en_US/pdf/advanced-wildfire/wildfire-appliance.pdf"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 38
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "a1efadbdb5aceaf0195e02b05a5eae9fb0e7fa01f650813a4d30aaf2cf26e9fa",
"policy_txt_hash": "a44e75a8197ce53a0f4455026e1b2b78211f8a7060724b2fce0fa65b32fb1c3b"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "Interim Validation. When installed, initialized and configured as specified in Section 11 of the Security Policy. The tamper evident seals and physical kit installed as indicated in the Security Policy. The module generates SSPs (e.g., keys) whose strengths are modified by available entropy",
"certificate_pdf_url": null,
"date_sunset": "2026-12-12",
"description": "The WildFire 11.0 WF-500 and WF-500-B module identifies unknown malware, zero-day exploits, and Advanced Persistent Threats (APTs) through dynamic analysis, and automatically disseminates protection in near real-time to help security teams meet the challenge of advanced cyber-attacks.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Roles, services, and authentication: Level 3",
"Operational environment: N/A",
"Non-invasive security: N/A",
"Life-cycle assurance: Level 3",
"Mitigation of other attacks: N/A",
"Documentation requirements: N/A",
"Cryptographic module security policy: N/A"
],
"fw_versions": "11.0.4",
"historical_reason": null,
"hw_versions": "910-000097 with Physical Kit 920-000145, 910-000270 with Physical Kit 920-000318",
"level": 2,
"mentioned_certs": {},
"module_name": "WildFire 11.0 WF-500 and WF-500-B",
"module_type": "Hardware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-3",
"status": "active",
"sw_versions": null,
"tested_conf": null,
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2024-12-13",
"lab": "LEIDOS CSTL",
"validation_type": "Initial"
}
],
"vendor": "Palo Alto Networks, Inc.",
"vendor_url": "http://www.paloaltonetworks.com"
}
}