Juniper Networks SRX100, SRX210, SRX220, SRX240 and SRX650 Services Gateways

Certificate #1613

Webpage information

Status historical
Historical reason RNG SP800-131A Revision 1 Transition
Validation dates 06.10.2011 , 08.11.2011 , 11.12.2013
Standard FIPS 140-2
Security level 2
Type Hardware
Embodiment Multi-Chip Stand Alone
Caveat The tamper evident seals and security devices installed as indicated in the Security Policy
Exceptions
  • Roles, Services, and Authentication: Level 3
  • EMI/EMC: Level 3
  • Design Assurance: Level 3
Description SRX100, SRX210, SRX220, SRX240 and SRX650 Services Gateways are secure routers that provide essential capabilities that connect, secure, and manage work force locations sized from handfuls to hundreds of users. By consolidating fast, highly available switching, routing, security, and applications capabilities in a single device, enterprises can economically deliver new services, safe connectivity, and a satisfying end user experience. All SRX Series Services Gateways, including products scaled for the branch, campus and data center applications, are powered by Juniper Networks JUNOS the proven
Version (Hardware) (SRX100B, SRX100H, SRX210B, SRX210BE, SRX210H, SRX210HE, SRX210H-POE, SRX210HE-POE, SRX220H, SRX220H-POE, SRX240B, SRX240H, SRX240H-POE, SRX650-BASE-SRE6-645AP and SRX650-BASE-SRE6-645DP) with JNPR-FIPS-TAMPER-LBLS
Version (Firmware) 10.4R4
Vendor Juniper Networks, Inc.
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.
Certificate
Webpage

Security policy

Security target PDF TXT

Symmetric Algorithms
AES, DES, Triple-DES, TDES, 3DES, HMAC, HMAC-SHA-256
Asymmetric Algorithms
Diffie-Hellman, DH, DSA
Hash functions
SHA-1, SHA-256, SHA-2, MD5
Schemes
Key Exchange
Protocols
SSH, SSL, IKEv1, IKE, IPsec
Randomness
RNG

Security level
Level 2

Standards
FIPS 140-2, FIPS 186-2, PKCS1, X.509

File metadata

Title JUNOS Cryptographic Security Policy
Creation date D:20111025140615-07'00'
Modification date D:20111025140623-07'00'
Pages 22
Creator Acrobat PDFMaker 9.1 for Word
Producer Adobe PDF Library 9.0

References

Incoming
  • 3021 - historical - Aruba AP-204, AP-205 and AP-205H Wireless Access Points

Heuristics

Automated inference - use with caution

All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.

References

Updates

  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate was first processed.

Raw data 

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 1613,
  "dgst": "96382608813353be",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "AES#1624",
        "SHS#1433",
        "RSA#802",
        "Triple-DES#1064",
        "HMAC#955",
        "RNG#871",
        "DSA#510"
      ]
    },
    "cpe_matches": {
      "_type": "Set",
      "elements": [
        "cpe:2.3:h:juniper:srx240:-:*:*:*:*:*:*:*",
        "cpe:2.3:h:juniper:srx220:-:*:*:*:*:*:*:*",
        "cpe:2.3:h:juniper:srx650:-:*:*:*:*:*:*:*",
        "cpe:2.3:h:juniper:srx100:-:*:*:*:*:*:*:*",
        "cpe:2.3:h:juniper:srx210:-:*:*:*:*:*:*:*"
      ]
    },
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "10.4"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": {
        "_type": "Set",
        "elements": [
          "3021"
        ]
      },
      "directly_referencing": null,
      "indirectly_referenced_by": {
        "_type": "Set",
        "elements": [
          "3021"
        ]
      },
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "FF": {
          "DH": {
            "DH": 3,
            "Diffie-Hellman": 2
          },
          "DSA": {
            "DSA": 11
          }
        }
      },
      "certification_process": {},
      "cipher_mode": {},
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "IKE": {
          "IKE": 3,
          "IKEv1": 1
        },
        "IPsec": {
          "IPsec": 3
        },
        "SSH": {
          "SSH": 19
        },
        "TLS": {
          "SSL": {
            "SSL": 1
          }
        }
      },
      "crypto_scheme": {
        "KEX": {
          "Key Exchange": 1
        }
      },
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "fips_cert_id": {},
      "fips_certlike": {
        "Certlike": {
          "AES 128, 192": 2,
          "AES-CBC 128/192/256 1624": 1,
          "DSA 1024": 1,
          "HMAC SHA-1": 2,
          "HMAC SHA-256 955": 1,
          "HMAC-SHA-1": 16,
          "HMAC-SHA-256": 6,
          "PKCS1": 2,
          "SHA-1": 11,
          "SHA-2": 1,
          "SHA-256": 5
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 2": 3
        }
      },
      "hash_function": {
        "MD": {
          "MD5": {
            "MD5": 1
          }
        },
        "SHA": {
          "SHA1": {
            "SHA-1": 11
          },
          "SHA2": {
            "SHA-2": 1,
            "SHA-256": 5
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "RNG": {
          "RNG": 10
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140-2": 6,
          "FIPS 186-2": 5
        },
        "PKCS": {
          "PKCS1": 1
        },
        "X509": {
          "X.509": 2
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 6
          }
        },
        "DES": {
          "3DES": {
            "3DES": 1,
            "TDES": 5,
            "Triple-DES": 1
          },
          "DES": {
            "DES": 1
          }
        },
        "constructions": {
          "MAC": {
            "HMAC": 3,
            "HMAC-SHA-256": 3
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "",
      "/Category": "",
      "/Company": "",
      "/CreationDate": "D:20111025140615-07\u002700\u0027",
      "/Creator": "Acrobat PDFMaker 9.1 for Word",
      "/Keywords": "",
      "/Manager": "",
      "/ModDate": "D:20111025140623-07\u002700\u0027",
      "/Producer": "Adobe PDF Library 9.0",
      "/SourceModified": "D:20111025210608",
      "/Subject": "",
      "/Title": "JUNOS Cryptographic Security Policy",
      "pdf_file_size_bytes": 786153,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "http://www.juniper.net/techpubs/software/junos-srx/junos-srx10.0/index.html\u0000",
          "http://www.juniper.net/techpubs/en_US/release-independent/junos/information-products/pathway-pages/hardware/srx240/index.html\u0000",
          "http://www.juniper.net/techpubs/en_US/release-independent/junos/information-products/pathway-pages/hardware/SRX220/index.html\u0000",
          "http://www.juniper.net/techpubs/en_US/release-independent/junos/information-products/pathway-pages/hardware/srx100/index.html\u0000",
          "http://www.juniper.net/techpubs/en_US/release-independent/junos/information-products/pathway-pages/hardware/SRX650/HW/index.html\u0000",
          "http://www.juniper.net/techpubs/en_US/release-independent/junos/information-products/pathway-pages/hardware/srx210/srx210.html\u0000",
          "http://www.juniper.net/\u0000"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 22
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_json_hash": null,
    "policy_pdf_hash": "fa20999f0ccc278973e6a352b6c4d3d57b72e8e36c259aaf5c8e1937eb8f0d0e",
    "policy_txt_hash": "4afa6b6b11938995074b4a0abf8f72aff42b731aa636612d3d441a61c2492dcf"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "The tamper evident seals and security devices installed as indicated in the Security Policy",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/FIPS140ConsolidatedCertList0010.pdf",
    "date_sunset": null,
    "description": "SRX100, SRX210, SRX220, SRX240 and SRX650 Services Gateways are secure routers that provide essential capabilities that connect, secure, and manage work force locations sized from handfuls to hundreds of users. By consolidating fast, highly available switching, routing, security, and applications capabilities in a single device, enterprises can economically deliver new services, safe connectivity, and a satisfying end user experience. All SRX Series Services Gateways, including products scaled for the branch, campus and data center applications, are powered by Juniper Networks JUNOS the proven",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Roles, Services, and Authentication: Level 3",
      "EMI/EMC: Level 3",
      "Design Assurance: Level 3"
    ],
    "fw_versions": "10.4R4",
    "historical_reason": "RNG SP800-131A Revision 1 Transition",
    "hw_versions": "(SRX100B, SRX100H, SRX210B, SRX210BE, SRX210H, SRX210HE, SRX210H-POE, SRX210HE-POE, SRX220H, SRX220H-POE, SRX240B, SRX240H, SRX240H-POE, SRX650-BASE-SRE6-645AP and SRX650-BASE-SRE6-645DP) with JNPR-FIPS-TAMPER-LBLS",
    "level": 2,
    "mentioned_certs": {},
    "module_name": "Juniper Networks SRX100, SRX210, SRX220, SRX240 and SRX650 Services Gateways",
    "module_type": "Hardware",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "historical",
    "sw_versions": null,
    "tested_conf": null,
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2011-10-06",
        "lab": "ICSA",
        "validation_type": "Initial"
      },
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2011-11-08",
        "lab": "ICSA",
        "validation_type": "Update"
      },
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2013-12-11",
        "lab": "",
        "validation_type": "Update"
      }
    ],
    "vendor": "Juniper Networks, Inc.",
    "vendor_url": "http://www.juniper.net/us/en/"
  }
}