Juniper Networks SRX5400, SRX5600, and SRX5800 Services Gateways

Certificate #2730

Webpage information

Status historical
Historical reason Moved to historical list due to sunsetting
Validation dates 31.08.2016
Standard FIPS 140-2
Security level 2
Type Hardware
Embodiment Multi-Chip Stand Alone
Caveat When operated in FIPS mode and with the tamper-evident seals installed as indicated in the Security Policy
Exceptions
  • Roles, Services, and Authentication: Level 3
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Description Juniper Networks SRX Series Services Gateways provide the essential capabilities necessary to connect, secure, and manage enterprise and service provider networks, from the smallest sites to the largest headquarters and data centers.
Version (Hardware) P/Ns {SRX5400 (SRX5400B2-AC, SRX5400B2-DC, SRX5400BB-AC, or SRX5400BB-DC), SRX5600 (SRX5600BASE-AC or SRX5600BASE-DC), and SRX5800 (SRX5800BASE-AC or SRX5800BASE-DC)} with Service Processing Cards (SRX5K-SPC-2-10-40 or SRX5K-SPC-4-15-320) and Tamper Seals (JNPR-FIPS-TAMPER-LBLS)
Version (Firmware) JUNOS-FIPS 12.1X46-D40
Vendor Juniper Networks, Inc.
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.
Certificate
Webpage

Security policy

Security target PDF TXT

Symmetric Algorithms
AES, TDES, HMAC
Asymmetric Algorithms
RSA 2048, ECDH, ECDSA, DH, DSA
Hash functions
MD5
Schemes
MAC, Key Exchange
Protocols
SSH, SSHv2, IKEv2, IKE, IKEv1, IPsec
Randomness
DRBG, RNG
Libraries
OpenSSL
Block cipher modes
CBC, CTR, GCM

Security level
Level 2, Level 1

Standards
FIPS 197, X.509

File metadata

Title Microsoft Word - 35d - SRX_5K_Security_Policy_1.3.docx
Author lgarcia
Creation date D:20160825080035-07'00'
Modification date D:20160825080035-07'00'
Pages 31
Creator PScript5.dll Version 5.2.2
Producer Acrobat Distiller 11.0 (Windows)

Heuristics

Automated inference - use with caution

All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.

References

No references are available for this certificate.

Updates

  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate was first processed.

Raw data 

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 2730,
  "dgst": "8fe57443675ecebf",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "SHS#3074",
        "DRBG#981",
        "ECDSA#758",
        "DSA#1032",
        "Triple-DES#2035",
        "HMAC#2412",
        "Triple-DES#2037",
        "DSA#1022",
        "SHS#3080",
        "AES#3656",
        "CVL#659",
        "CVL#660",
        "AES#3663",
        "AES#3650",
        "Triple-DES#2036",
        "ECDSA#770",
        "HMAC#2400",
        "HMAC#2406",
        "HMAC#2413",
        "AES#3662",
        "RSA#1896",
        "SHS#3068",
        "Triple-DES#2038",
        "RSA#1885",
        "SHS#3081",
        "ECDSA#769",
        "DSA#1033",
        "RSA#1895"
      ]
    },
    "cpe_matches": {
      "_type": "Set",
      "elements": [
        "cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
        "cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*",
        "cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*"
      ]
    },
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "12.1"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECDH": {
            "ECDH": 10
          },
          "ECDSA": {
            "ECDSA": 25
          }
        },
        "FF": {
          "DH": {
            "DH": 13
          },
          "DSA": {
            "DSA": 5
          }
        },
        "RSA": {
          "RSA 2048": 8
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 7
        },
        "CTR": {
          "CTR": 2
        },
        "GCM": {
          "GCM": 5
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {
        "OpenSSL": {
          "OpenSSL": 1
        }
      },
      "crypto_protocol": {
        "IKE": {
          "IKE": 24,
          "IKEv1": 2,
          "IKEv2": 3
        },
        "IPsec": {
          "IPsec": 16
        },
        "SSH": {
          "SSH": 50,
          "SSHv2": 3
        }
      },
      "crypto_scheme": {
        "KEX": {
          "Key Exchange": 2
        },
        "MAC": {
          "MAC": 3
        }
      },
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "fips_cert_id": {},
      "fips_certlike": {
        "Certlike": {
          "AES CBC 128/192/256": 4,
          "RSA 2048": 8,
          "RSA 2448": 1
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 1,
          "Level 2": 2
        }
      },
      "hash_function": {
        "MD": {
          "MD5": {
            "MD5": 1
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 4
        },
        "RNG": {
          "RNG": 3
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 197": 3
        },
        "X509": {
          "X.509": 5
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 15
          }
        },
        "DES": {
          "3DES": {
            "TDES": 3
          }
        },
        "constructions": {
          "MAC": {
            "HMAC": 12
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "lgarcia",
      "/CreationDate": "D:20160825080035-07\u002700\u0027",
      "/Creator": "PScript5.dll Version 5.2.2",
      "/ModDate": "D:20160825080035-07\u002700\u0027",
      "/Producer": "Acrobat Distiller 11.0 (Windows)",
      "/Title": "Microsoft Word - 35d - SRX_5K_Security_Policy_1.3.docx",
      "pdf_file_size_bytes": 859722,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 31
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_garbage": false,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_pdf_hash": "eb329419c64606899407f736d6b235b1ca9b2cf5444f3ed7cd7a9d4816917b2f",
    "policy_txt_hash": "af47b791904808600eeb8f8b26034129e9713a0c90c0c886b00a4d0a5fe70938"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in FIPS mode and with the tamper-evident seals installed as indicated in the Security Policy",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/FIPS140ConsolidatedCertAug2016.pdf",
    "date_sunset": null,
    "description": "Juniper Networks SRX Series Services Gateways provide the essential capabilities necessary to connect, secure, and manage enterprise and service provider networks, from the smallest sites to the largest headquarters and data centers.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Roles, Services, and Authentication: Level 3",
      "Design Assurance: Level 3",
      "Mitigation of Other Attacks: N/A"
    ],
    "fw_versions": "JUNOS-FIPS 12.1X46-D40",
    "historical_reason": "Moved to historical list due to sunsetting",
    "hw_versions": "P/Ns {SRX5400 (SRX5400B2-AC, SRX5400B2-DC, SRX5400BB-AC, or SRX5400BB-DC), SRX5600 (SRX5600BASE-AC or SRX5600BASE-DC), and SRX5800 (SRX5800BASE-AC or SRX5800BASE-DC)} with Service Processing Cards (SRX5K-SPC-2-10-40 or SRX5K-SPC-4-15-320) and Tamper Seals (JNPR-FIPS-TAMPER-LBLS)",
    "level": 2,
    "mentioned_certs": {},
    "module_name": "Juniper Networks SRX5400, SRX5600, and SRX5800 Services Gateways",
    "module_type": "Hardware",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "historical",
    "sw_versions": null,
    "tested_conf": null,
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2016-08-31",
        "lab": "UL Verification Services, Inc.",
        "validation_type": "Initial"
      }
    ],
    "vendor": "Juniper Networks, Inc.",
    "vendor_url": "http://www.juniper.net"
  }
}