This page was not yet optimized for use on mobile devices.
Juniper Networks EX4650, QFX5120 and QFX5210 Ethernet Switches
Certificate #4661
Webpage information ?
Security policy ?
Symmetric Algorithms
AES, CAST, Triple-DES, TDEA, Blowfish, HMAC, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512Asymmetric Algorithms
RSA 2048, RSA 4096, RSA 3072, ECDH, ECDSA, DH, Diffie-Hellman, DSAHash functions
SHA-1, SHA-256, SHA-512, SHA-384, MD5Schemes
MAC, Key Exchange, AEADProtocols
SSH, IKE, IPsecRandomness
DRBG, RNGLibraries
OpenSSLElliptic Curves
P-256, P-384, P-521Block cipher modes
CBC, CTR, GCMSecurity level
Level 1, level 1Standards
FIPS 140-2, FIPS140-2, FIPS PUB 140-2, SP 800-135, SP 800-90A, RFC 4253, X.509File metadata
Creation date | D:20231120151210-05'00' |
---|---|
Modification date | D:20231120151210-05'00' |
Pages | 25 |
References
Incoming- 4879 - active - Samsung NVMe TCG Opal SSC SEDs PM1743/PM1745 Series
Heuristics ?
References ?
Updates ?
-
18.11.2024 The certificate data changed.
Certificate changed
The computed heuristics were updated.
- The policy_processed_references property was updated, with the
{'directly_referenced_by': {'_type': 'Set', 'elements': ['4879']}, 'indirectly_referenced_by': {'_type': 'Set', 'elements': ['4879']}}
data.
- The policy_processed_references property was updated, with the
-
02.01.2024 The certificate was first processed.
New certificate
A new FIPS 140 certificate with the product name was processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4661,
"dgst": "94ca7771bcbfb3a5",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"HMAC#A867",
"HMAC#A866",
"HMAC#A868",
"AES#A867",
"Triple-DES#A867",
"DRBG#A867",
"ECDSA#A867",
"SHS#A867",
"CVL#A867",
"SHS#A868",
"DRBG#A866",
"SHS#A866",
"RSA#A867"
]
},
"cpe_matches": {
"_type": "Set",
"elements": [
"cpe:2.3:h:juniper:ex4650:-:*:*:*:*:*:*:*",
"cpe:2.3:h:juniper:qfx5120:-:*:*:*:*:*:*:*",
"cpe:2.3:h:juniper:qfx5210:-:*:*:*:*:*:*:*"
]
},
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"20.2"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": {
"_type": "Set",
"elements": [
"4879"
]
},
"directly_referencing": null,
"indirectly_referenced_by": {
"_type": "Set",
"elements": [
"4879"
]
},
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECDH": {
"ECDH": 3
},
"ECDSA": {
"ECDSA": 21
}
},
"FF": {
"DH": {
"DH": 8,
"Diffie-Hellman": 7
},
"DSA": {
"DSA": 2
}
},
"RSA": {
"RSA 2048": 7,
"RSA 3072": 4,
"RSA 4096": 2
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 2
},
"CTR": {
"CTR": 2
},
"GCM": {
"GCM": 1
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 3
}
},
"crypto_protocol": {
"IKE": {
"IKE": 1
},
"IPsec": {
"IPsec": 1
},
"SSH": {
"SSH": 39
}
},
"crypto_scheme": {
"AEAD": {
"AEAD": 1
},
"KEX": {
"Key Exchange": 2
},
"MAC": {
"MAC": 1
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-256": 26,
"P-384": 12,
"P-521": 14
}
},
"eval_facility": {},
"fips_cert_id": {},
"fips_certlike": {
"Certlike": {
"AES CBC 128/192/256": 1,
"AES [197": 1,
"DRBG 3": 1,
"DRBG 4": 1,
"HMAC SHA 256": 1,
"HMAC SHA-1": 1,
"HMAC SHA-256": 2,
"HMAC [198": 3,
"HMAC-SHA-1": 6,
"HMAC-SHA-256": 4,
"HMAC-SHA-384": 2,
"HMAC-SHA-512": 4,
"RSA 2048": 7,
"RSA 3072": 4,
"RSA 4096": 2,
"SHA 1, 256": 1,
"SHA 256": 7,
"SHA-1": 7,
"SHA-256": 10,
"SHA-384": 5,
"SHA-512": 5,
"SHS [180": 3
}
},
"fips_security_level": {
"Level": {
"Level 1": 2,
"level 1": 1
}
},
"hash_function": {
"MD": {
"MD5": {
"MD5": 1
}
},
"SHA": {
"SHA1": {
"SHA-1": 7
},
"SHA2": {
"SHA-256": 13,
"SHA-384": 3,
"SHA-512": 6
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 15
},
"RNG": {
"RNG": 2
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-2": 9,
"FIPS PUB 140-2": 1,
"FIPS140-2": 1
},
"NIST": {
"SP 800-135": 1,
"SP 800-90A": 3
},
"RFC": {
"RFC 4253": 1
},
"X509": {
"X.509": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 6
},
"CAST": {
"CAST": 1
}
},
"DES": {
"3DES": {
"TDEA": 1,
"Triple-DES": 7
}
},
"constructions": {
"MAC": {
"HMAC": 18,
"HMAC-SHA-256": 3,
"HMAC-SHA-384": 1,
"HMAC-SHA-512": 1
}
},
"miscellaneous": {
"Blowfish": {
"Blowfish": 1
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/CreationDate": "D:20231120151210-05\u002700\u0027",
"/MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_ActionId": "15f92b67-224a-415d-a546-8cebb245dcaf",
"/MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Application": "Microsoft Azure Information Protection",
"/MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Enabled": "True",
"/MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Extended_MSFT_Method": "Automatic",
"/MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Name": "Juniper Business Use Only",
"/MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Owner": "[email protected]",
"/MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SetDate": "2019-06-28T05:46:17.5561117Z",
"/MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SiteId": "bea78b3c-4cdb-4130-854a-1d193232e5f4",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_ActionId": "be1f6878-6aa4-41fd-9765-65bd138a380f",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_ContentBits": "0",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_Enabled": "true",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_Method": "Privileged",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_Name": "Unrestricted",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_SetDate": "2023-11-20T20:11:41Z",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_SiteId": "b64da4ac-e800-4cfc-8931-e607f720a1b8",
"/ModDate": "D:20231120151210-05\u002700\u0027",
"pdf_file_size_bytes": 1044689,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://www.juniper.net/assets/us/en/local/pdf/datasheets/1000639-en.pdf",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=33465",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=33464",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=33466",
"https://www.juniper.net/assets/us/en/local/pdf/datasheets/1000640-en.pdf",
"https://www.juniper.net/assets/us/en/local/pdf/datasheets/1000633-en.pdf"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 25
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "5861829b3744e18081e46eef4e1d9ba4140d77759fa94109dbd272840886b32e",
"policy_txt_hash": "7faa02e05a136e031d70b30540712f9cbce34b1c2b7e0deca8aea312c1f2f9a5"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/November 2023_111223_0648_signed.pdf",
"date_sunset": "2026-09-21",
"description": "The Juniper Networks QFX series switches are high performance, high density data center switches. The QFX switches provide high performance, wire speed switching with low latency and jitter. The QFX series switches provide the universal building blocks for multiple data center fabric architectures.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Roles, Services, and Authentication: Level 3",
"Design Assurance: Level 3",
"Mitigation of Other Attacks: N/A"
],
"fw_versions": "JUNOS OS 20.2R1-S1",
"historical_reason": null,
"hw_versions": "EX4650-48Y-AFI, EX4650-48Y-AFO, EX4650-48Y-DC-AFI, EX4650-48Y-DC-AFO, QFX5120-32C-AFI , QFX5120-32C-AFO , QFX5120-32C-DC-AFI , QFX5120-32C-DC-AFO, QFX5120-48T-AFI, QFX5120-48T-AFO, QFX5120-48T-DC-AFI, QFX5120-48T-DC-AFO, QFX5120-48Y-AFI2, QFX5120-48Y-AFO2 , QFX5120-48Y-DC-AFI2, QFX5120-48Y-DC-AFO2, QFX5210- 64C-AFI , QFX5210- 64C-AFO, QFX5210-64C-DC-AFI, QFX5210-64C-DC-AFO",
"level": 1,
"mentioned_certs": {},
"module_name": "Juniper Networks EX4650, QFX5120 and QFX5210 Ethernet Switches",
"module_type": "Hardware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "active",
"sw_versions": null,
"tested_conf": null,
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2023-11-28",
"lab": "LEIDOS CSTL",
"validation_type": "Initial"
}
],
"vendor": "Juniper Networks, Inc",
"vendor_url": "http://www.juniper.net"
}
}