{"_type": "sec_certs.sample.fips.FIPSCertificate", "dgst": "9c95695b470eb722", "cert_id": 4935, "web_data": {"_type": "sec_certs.sample.fips.FIPSCertificate.WebData", "module_name": "Panorama Virtual Appliance 11.0", "validation_history": [{"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry", "date": "2025-01-02", "validation_type": "Initial", "lab": "Leidos Accredited Testing & Evaluation (AT&E) Lab"}], "vendor_url": "http://www.paloaltonetworks.com", "vendor": "Palo Alto Networks, Inc.", "certificate_pdf_url": null, "module_type": "Software", "standard": "FIPS 140-3", "status": "active", "level": 1, "caveat": "Interim Validation. When installed, initialized and configured as specified in Section 11 of the Security Policy", "exceptions": ["Roles, services, and authentication: Level 3", "Physical security: N/A", "Non-invasive security: N/A", "Life-cycle assurance: Level 3", "Mitigation of other attacks: N/A"], "embodiment": "Multi-Chip Stand Alone", "description": "Panorama offers easy-to-implement, centralized management features that provide insight into network-wide traffic and simplify configurations.", "tested_conf": ["Hyper-V 2019 on Microsoft Hyper-V Server 2019 running on a Dell PowerEdge R740 with an Intel Xeon Gold 6248", "KVM 4 on Ubuntu 20.04 running on a Dell PowerEdge R740 with an Intel Xeon Gold 6248", "VMware ESXi v7.0 running on a Dell PowerEdge R740 with an Intel Xeon Gold 6248"], "hw_versions": null, "fw_versions": null, "sw_versions": "11.0.4", "mentioned_certs": {}, "historical_reason": null, "date_sunset": "2027-01-01", "revoked_reason": null, "revoked_link": null}, "pdf_data": {"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData", "keywords": {"fips_cert_id": {}, "fips_security_level": {"Level": {"level 1": 1, "Level 1": 5}}, "fips_certlike": {"Certlike": {"HMAC-SHA-1": 22, "HMAC-SHA-256": 10, "HMAC-SHA-384": 2, "HMAC-SHA-512": 2, "SHA2-224": 3, "SHA2-256": 7, "SHA2-384": 4, "SHA2-512": 4, "SHA-1": 6, "SHA2": 4, "SHA-256": 9, "SHA-512": 3, "SHA-384": 1, "RSA 2048": 10, "RSA 3072": 2, "RSA 4096": 2, "PKCS#1": 4, "AES 256": 3, "AES (128": 1}}, "vendor": {"Microsoft": {"Microsoft": 2}}, "eval_facility": {}, "symmetric_crypto": {"AES_competition": {"AES": {"AES": 15}, "CAST": {"CAST": 1}}, "DES": {"DES": {"DES": 1}}, "constructions": {"MAC": {"HMAC": 18, "HMAC-SHA-256": 5, "HMAC-SHA-384": 1, "HMAC-SHA-512": 1, "CMAC": 1}}}, "asymmetric_crypto": {"RSA": {"RSA 2048": 10, "RSA 3072": 2, "RSA 4096": 2}, "ECC": {"ECDH": {"ECDH": 1}, "ECDSA": {"ECDSA": 53}}, "FF": {"DH": {"DH": 1, "Diffie-Hellman": 2}}}, "pq_crypto": {}, "hash_function": {"SHA": {"SHA1": {"SHA-1": 6}, "SHA2": {"SHA-224": 1, "SHA-256": 10, "SHA-384": 2, "SHA-512": 4, "SHA2": 4}}}, "crypto_scheme": {"KEX": {"Key Exchange": 6}}, "crypto_protocol": {"SSH": {"SSH": 56, "SSHv2": 2}, "TLS": {"TLS": {"TLS v1.2": 12, "TLS1.2": 1, "TLS": 60, "TLS 1.2": 2}}, "IKE": {"IKEv2": 1}}, "randomness": {"PRNG": {"DRBG": 45}, "RNG": {"RNG": 1}}, "cipher_mode": {"ECB": {"ECB": 2}, "CBC": {"CBC": 3}, "CTR": {"CTR": 4}, "GCM": {"GCM": 11}, "CCM": {"CCM": 2}}, "ecc_curve": {"NIST": {"P-256": 40, "P-384": 30, "P-521": 30}}, "crypto_engine": {}, "tls_cipher_suite": {"TLS": {"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256": 1, "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384": 1, "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256": 1, "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384": 1}}, "crypto_library": {}, "vulnerability": {}, "side_channel_analysis": {}, "device_model": {}, "tee_name": {}, "os_name": {}, "cplc_data": {}, "ic_data_group": {}, "standard_id": {"FIPS": {"FIPS 140-3": 13, "FIPS 186-4": 62, "FIPS 198-1": 6, "FIPS 180-4": 5, "FIPS 186-2": 1}, "NIST": {"SP 800-90B": 8, "SP 800-38A": 4, "SP 800-38D": 2, "SP 800-38F": 4, "SP 800-52": 1, "SP 800-63B": 2, "SP 800-140F": 1, "SP 800-56A": 10}, "PKCS": {"PKCS#1": 2}, "RFC": {"RFC 3526": 2, "RFC7627": 12, "RFC 5288": 2, "RFC 5246": 1}, "ISO": {"ISO/IEC 24759": 2}}, "javacard_version": {}, "javacard_api_const": {}, "javacard_packages": {}, "certification_process": {"OutOfScope": {"out of scope": 1, "the module. Any software loaded into this module that is not shown on the module certificate is out of scope of this validation, and requires a separate FIPS 140-3 validation. The pre-operational self-tests": 1}}}, "policy_metadata": {"pdf_file_size_bytes": 391247, "pdf_is_encrypted": false, "pdf_number_of_pages": 24, "/Title": "Panorama VM 11.0 Security Policy-Interim_24.11.25.docx", "/Producer": "Skia/PDF m133 Google Docs Renderer", "pdf_hyperlinks": {"_type": "Set", "elements": ["https://support.paloaltonetworks.com/Support/Index", "https://docs.paloaltonetworks.com/panorama/10-1/panorama-admin.html", "http://www.paloaltonetworks.com"]}}}, "heuristics": {"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics", "algorithms": {"_type": "Set", "elements": ["KDF SNMPA3454", "Safe Primes Key VerificationA3454", "SHA2-224A3454", "ECDSA SigVer (FIPS186-4)A3454", "HMAC-SHA2-384A3454", "HMAC-SHA-1A3454", "ECDSA KeyGen (FIPS186-4)A3454", "TLS v1.2 KDF RFC7627A3454", "Counter DRBGA3454", "SHA-1A3454", "HMAC-SHA2-224A3454", "AES-CTRA3454", "KAS-FFC-SSC Sp800-56Ar3A3454", "AES-CBCA3454", "RSA SigVer (FIPS186-4)A3454", "ECDSA SigGen (FIPS186-4)A3454", "ECDSA KeyVer (FIPS186-4)A3454", "KAS-ECC-SSC Sp800-56Ar3A3454", "SHA2-256A3454", "SHA2-384A3454", "HMAC-SHA2-256A3454", "AES-GCMA3454", "HMAC-SHA2-512A3454", "RSA KeyGen (FIPS186-4)A3454", "KDF SSHA3454", "Safe Primes Key GenerationA3454", "RSA SigGen (FIPS186-4)A3454", "AES-CFB128A3454", "SHA2-512A3454", "Conditioning Component AES-CBC-MAC SP800-90BA1791"]}, "extracted_versions": {"_type": "Set", "elements": ["11.0"]}, "cpe_matches": null, "verified_cpe_matches": null, "related_cves": null, "policy_prunned_references": {"_type": "Set", "elements": []}, "module_prunned_references": {"_type": "Set", "elements": []}, "policy_processed_references": {"_type": "sec_certs.sample.certificate.References", "directly_referenced_by": null, "indirectly_referenced_by": null, "directly_referencing": null, "indirectly_referencing": null}, "module_processed_references": {"_type": "sec_certs.sample.certificate.References", "directly_referenced_by": null, "indirectly_referenced_by": null, "directly_referencing": null, "indirectly_referencing": null}, "direct_transitive_cves": null, "indirect_transitive_cves": null}, "state": {"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState", "module_download_ok": true, "policy_download_ok": true, "policy_convert_ok": true, "module_extract_ok": true, "policy_extract_ok": true, "policy_pdf_hash": "0cf25a5c1dd6f1ce4b23fb87b13a162f581513e715d213fe4ab0da566dc73b5f", "policy_txt_hash": "2e12fb0976ff9aa0e36c7ae864eddc2ca65f8d21a9611de60a8fe60ae3892c51", "policy_json_hash": null}}