cert_id |
4073 |
4607 |
dgst |
2478b5cdde898af6 |
d79d5ca8d078fe26 |
heuristics/algorithms |
CVL#C2197, DRBG#C2195, RSA#C2201, ECDSA#C2199, HMAC#C2200, RSA#A1295, KTS#C2201, ECDSA#C2197, DRBG#C2198, SHS#C2199, HMAC#C2197, HMAC#C2199, SHS#C2201, AES#C2197, AES#C2140, RSA#A1294, AES#C2201, SHS#A1295, RSA#C2199, AES#C2199, SHS#A1294, ECDSA#C2201, KTS#C2199, CVL#C2199, SHS#C2197, SHS#C2200, HMAC#C2201, CVL#C2201, RSA#A1296, CVL#C2200, ECDSA#C2200, AES#C2200 |
CVL#C2197, DRBG#C2195, RSA#C2201, ECDSA#C2199, HMAC#C2200, RSA#A1295, KTS#C2201, KAS#C2199, ECDSA#C2197, DRBG#C2198, SHS#C2199, KAS#A1295, HMAC#C2197, HMAC#C2199, SHS#C2201, AES#C2197, KAS-SSC#A1295, AES#C2140, RSA#A1294, AES#C2201, KAS-SSC#A1294, KAS#C2197, SHS#A1295, RSA#C2199, AES#C2199, SHS#A1294, ECDSA#C2201, KTS#C2199, KAS#C2200, CVL#C2199, KAS#A1294, SHS#C2197, SHS#C2200, HMAC#C2201, CVL#C2201, RSA#A1296, KAS#C2201, CVL#C2200, ECDSA#C2200, AES#C2200 |
heuristics/cpe_matches |
{} |
{} |
heuristics/direct_transitive_cves |
{} |
{} |
heuristics/extracted_versions |
- |
- |
heuristics/indirect_transitive_cves |
{} |
{} |
heuristics/module_processed_references/directly_referenced_by |
{} |
{} |
heuristics/module_processed_references/directly_referencing |
{} |
{} |
heuristics/module_processed_references/indirectly_referenced_by |
{} |
{} |
heuristics/module_processed_references/indirectly_referencing |
{} |
{} |
heuristics/module_prunned_references |
{} |
{} |
heuristics/policy_processed_references/directly_referenced_by |
{} |
{} |
heuristics/policy_processed_references/directly_referencing |
{} |
{} |
heuristics/policy_processed_references/indirectly_referenced_by |
{} |
{} |
heuristics/policy_processed_references/indirectly_referencing |
{} |
{} |
heuristics/policy_prunned_references |
{} |
{} |
heuristics/related_cves |
{} |
{} |
heuristics/verified_cpe_matches |
{} |
{} |
pdf_data/keywords/fips_cert_id |
|
|
pdf_data/keywords/fips_security_level |
|
|
pdf_data/keywords/fips_certlike |
- Certlike:
- AES (128: 9
- AES 128: 1
- AES 256: 1
- AES-256: 1
- HMAC SHA-1: 7
- HMAC SHA-256: 10
- HMAC SHA-384: 3
- HMAC SHA-512: 3
- HMAC-SHA-256: 4
- PKCS 1: 1
- RSA PKCS 1: 1
- SHA-1: 14
- SHA-224: 2
- SHA-256: 13
- SHA-384: 5
- SHA-512: 5
- SHA1: 1
- SHA2- 256: 1
- SHA2- 384: 1
- SHA2-256: 4
- SHA2-384: 2
- SHA2-512: 3
|
- Certlike:
- AES (128: 9
- AES 128: 1
- AES 256: 1
- AES-256: 1
- HMAC SHA-1: 7
- HMAC SHA-256: 10
- HMAC SHA-384: 3
- HMAC SHA-512: 3
- HMAC-SHA-256: 4
- PKCS 1: 1
- RSA PKCS 1: 1
- SHA-1: 14
- SHA-224: 2
- SHA-256: 13
- SHA-384: 5
- SHA-512: 5
- SHA1: 1
- SHA2- 384: 1
- SHA2-256: 2
- SHA2-384: 1
- SHA2-512: 2
|
pdf_data/keywords/vendor |
|
|
pdf_data/keywords/eval_facility |
|
|
pdf_data/keywords/symmetric_crypto |
- AES_competition:
- AES:
- AES: 29
- AES-: 1
- AES-256: 1
- constructions:
|
- AES_competition:
- constructions:
|
pdf_data/keywords/asymmetric_crypto |
|
|
pdf_data/keywords/pq_crypto |
|
|
pdf_data/keywords/hash_function |
- SHA:
- SHA1:
- SHA2:
- SHA-224: 2
- SHA-256: 13
- SHA-384: 5
- SHA-512: 5
|
- SHA:
- SHA1:
- SHA2:
- SHA-224: 2
- SHA-256: 13
- SHA-384: 5
- SHA-512: 5
|
pdf_data/keywords/crypto_scheme |
|
|
pdf_data/keywords/crypto_protocol |
- IKE:
- IPsec:
- SSH:
- TLS:
- SSL:
- TLS:
- TLS: 23
- TLS 1.0: 1
- TLS 1.1: 1
- VPN:
|
- IKE:
- IKE: 34
- IKEv1: 1
- IKEv2: 3
- IPsec:
- SSH:
- TLS:
- SSL:
- TLS:
- TLS: 23
- TLS 1.0: 1
- TLS 1.1: 2
- TLS 1.2: 1
- VPN:
|
pdf_data/keywords/randomness |
|
|
pdf_data/keywords/cipher_mode |
|
|
pdf_data/keywords/ecc_curve |
- Brainpool:
- brainpoolP224r1: 1
- brainpoolP256r1: 1
- brainpoolP384r1: 1
- brainpoolP512r1: 1
- Curve:
- NIST:
- P-256: 16
- P-384: 12
- P-521: 12
- secp256r1: 1
- secp384r1: 1
- secp521r1: 1
|
- Brainpool:
- brainpoolP224r1: 1
- brainpoolP256r1: 1
- brainpoolP384r1: 1
- brainpoolP512r1: 1
- Curve:
- NIST:
- P-256: 18
- P-384: 12
- P-521: 14
- secp256r1: 1
- secp384r1: 1
- secp521r1: 1
|
pdf_data/keywords/crypto_engine |
|
|
pdf_data/keywords/tls_cipher_suite |
|
|
pdf_data/keywords/crypto_library |
|
|
pdf_data/keywords/vulnerability |
|
|
pdf_data/keywords/side_channel_analysis |
|
|
pdf_data/keywords/device_model |
|
|
pdf_data/keywords/tee_name |
|
|
pdf_data/keywords/os_name |
|
|
pdf_data/keywords/cplc_data |
|
|
pdf_data/keywords/ic_data_group |
|
|
pdf_data/keywords/standard_id |
- FIPS:
- FIPS 140: 2
- FIPS 140-2: 43
- FIPS140-2: 1
- NIST:
- NIST SP 800-90A: 1
- SP 800-133: 1
- SP 800-52: 1
- SP 800-90A: 1
- SP 800-90B: 1
- PKCS:
- RFC:
- RFC 5246: 1
- RFC 5288: 1
- RFC 7296: 1
|
- FIPS:
- FIPS 140: 2
- FIPS 140-2: 43
- NIST:
- NIST SP 800-90A: 1
- SP 800-133: 1
- SP 800-52: 1
- SP 800-90A: 1
- SP 800-90B: 1
- PKCS:
- RFC:
- RFC 5246: 1
- RFC 5288: 1
- RFC 7296: 1
|
pdf_data/keywords/javacard_version |
|
|
pdf_data/keywords/javacard_api_const |
|
|
pdf_data/keywords/javacard_packages |
|
|
pdf_data/keywords/certification_process |
|
|
pdf_data/policy_metadata |
- /Author: Fortinet Technical Documentation
- /CreationDate: D:20211026160730-04'00'
- /Keywords:
- /ModDate: D:20211026160730-04'00'
- /Producer: madbuild
- /Subject:
- /Title: FortiGate-VM 6.x FIPS Level 1 Security Policy
- pdf_file_size_bytes: 325186
- pdf_hyperlinks: mailto:[email protected], https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/ac683e6d-2981-11e9-94bf-00505692583a/FOS54-FIPS-CC-Technote_-_NGFW.pdf, https://www.fortinet.com/corporate/about-us/privacy.html, https://training.fortinet.com/, https://video.fortinet.com/, http://forticast.fortinet.com/, https://www.fortinet.com/doc/legal/EULA.pdf, http://csrc.nist.gov/groups/STM/cmvp/index.html, http://www.fortinet.com/products, http://fortiguard.com/, http://docs.fortinet.com/, https://blog.fortinet.com/, https://support.fortinet.com/, http://www.fortinet.com/support, https://docs.fortinet.com/, http://kb.fortinet.com/, https://fortiguard.com/, http://www.fortinet.com/contact
- pdf_is_encrypted: False
- pdf_number_of_pages: 28
|
- /Author: Fortinet Technical Documentation
- /CreationDate: D:20230906131111-04'00'
- /Keywords:
- /ModDate: D:20230906131111-04'00'
- /Producer: madbuild
- /Subject:
- /Title: FortiGate-VM 6.x FIPS Level 1 Security Policy
- pdf_file_size_bytes: 331672
- pdf_hyperlinks: mailto:[email protected], https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/ac683e6d-2981-11e9-94bf-00505692583a/FOS54-FIPS-CC-Technote_-_NGFW.pdf, https://www.fortinet.com/corporate/about-us/privacy.html, https://training.fortinet.com/, https://video.fortinet.com/, http://forticast.fortinet.com/, https://www.fortinet.com/doc/legal/EULA.pdf, http://csrc.nist.gov/groups/STM/cmvp/index.html, http://www.fortinet.com/products, http://fortiguard.com/, http://docs.fortinet.com/, https://blog.fortinet.com/, https://support.fortinet.com/, http://www.fortinet.com/support, https://docs.fortinet.com/, http://kb.fortinet.com/, https://fortiguard.com/, http://www.fortinet.com/contact
- pdf_is_encrypted: False
- pdf_number_of_pages: 28
|
state/module_download_ok |
True |
True |
state/module_extract_ok |
True |
True |
state/policy_convert_garbage |
False |
False |
state/policy_convert_ok |
True |
True |
state/policy_download_ok |
True |
True |
state/policy_extract_ok |
True |
True |
state/policy_pdf_hash |
Different |
Different |
state/policy_txt_hash |
Different |
Different |
web_data/caveat |
When operated in FIPS mode and installed, initialized and configured as specified in the FIPS 140-2 Compliant Operation Section of the Security Policy and with the entropy token installed as indicated in the Security Policy. Authentication at level 3 is only applicable when identity-based authentication is enforced for the User role. No assurance of the minimum strength of generated keys |
When operated in FIPS mode and installed, initialized and configured as specified in the FIPS 140-2 Compliant Operation Section of the Security Policy and with the entropy token installed as indicated in the Security Policy. Authentication at level 3 is only applicable when identity-based authentication is enforced for the User role. No assurance of the minimum strength of generated keys |
web_data/certificate_pdf_url |
https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/November 2021_011221_0923_signed.pdf |
https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/September 2023_101023_1100 signed (2).pdf |
web_data/date_sunset |
|
21.09.2026 |
web_data/description |
The FortiGate-VM is a software module designed to execute on a General Purpose Computer (GPC) hardware platform running the VMware hypervisor. The module provides integrated firewall, VPN, antivirus, antispam, intrusion prevention, content filtering, traffic shaping, and HA capabilities. |
The FortiGate-VM is a software module designed to execute on a General Purpose Computer (GPC) hardware platform running the VMware hypervisor. The module provides integrated firewall, VPN, antivirus, antispam, intrusion prevention, content filtering, traffic shaping, and HA capabilities. |
web_data/embodiment |
Multi-Chip Stand Alone |
Multi-Chip Stand Alone |
web_data/exceptions |
Roles, Services, and Authentication: Level 3, Physical Security: N/A, Design Assurance: Level 2 |
Roles, Services, and Authentication: Level 3, Physical Security: N/A, Design Assurance: Level 2 |
web_data/fw_versions |
[] |
[] |
web_data/historical_reason |
SP 800-56Arev3 transition - replaced by certificate #4607 |
|
web_data/hw_versions |
[] |
[] |
web_data/level |
1 |
1 |
web_data/mentioned_certs |
|
|
web_data/module_name |
FortiGate-VM |
FortiGate-VM |
web_data/module_type |
Software |
Software |
web_data/revoked_link |
None |
None |
web_data/revoked_reason |
None |
None |
web_data/standard |
FIPS 140-2 |
FIPS 140-2 |
web_data/status |
historical |
active |
web_data/sw_versions |
FortiGate-VM 6.2, build 5611 |
FortiGate-VM 6.2, build 5203 |
web_data/tested_conf |
FortiGate-VM on VMWare ESXi 6.7 running on a MilDef CS9121 (P/N: 211-3102 Ver: 001) with an Intel® Core™ i7-6822EQ processor and the Araneus Alea II entropy token (single-user mode), FortiGate-VM on VMWare ESXi 6.7 running on a PacStar 451 (P/N: 075-0451-165) with an Intel® Xeon® E-2276ME processor and the Araneus Alea II entropy token, FortiGate-VM on VMWare ESXi 6.7 running on a PacStar 451 (P/N: 075-0451-45) with an Intel® Xeon® E3-1515M processor and the Araneus Alea II entropy token, FortiGate-VM on VMWare ESXi 6.7 running on a PacStar 451 (P/N: 075-0451-55) with an Intel® Xeon® D-1559 processor and the Araneus Alea II entropy token |
FortiGate-VM on VMWare ESXi 6.7 running on a MilDef CS9121 (P/N: 211-3102 Ver: 001) with an Intel® Core™ i7-6822EQ processor and the Araneus Alea II entropy token (single-user mode), FortiGate-VM on VMWare ESXi 6.7 running on a PacStar 451 (P/N: 075-0451-165) with an Intel® Xeon® E-2276ME processor and the Araneus Alea II entropy token, FortiGate-VM on VMWare ESXi 6.7 running on a PacStar 451 (P/N: 075-0451-45) with an Intel® Xeon® E3-1515M processor and the Araneus Alea II entropy token, FortiGate-VM on VMWare ESXi 6.7 running on a PacStar 451 (P/N: 075-0451-55) with an Intel® Xeon® D-1559 processor and the Araneus Alea II entropy token |
web_data/validation_history |
- date: 17.11.2021
- lab: Lightship Security, Inc.
- validation_type: Initial
|
- date: 26.09.2023
- lab: Lightship Security, Inc.
- validation_type: Initial
|
web_data/vendor |
Fortinet, Inc. |
Fortinet, Inc. |
web_data/vendor_url |
http://www.fortinet.com |
http://www.fortinet.com |