Comparing certificates Experimental feature

You are comparing two certificates. By default, only differing attributes are shown. Use the button below to show/hide all attributes.

Showing only differing attributes.
Juniper Networks QFX10002, QFX10008 and QFX10016
Juniper Networks QFX10002, QFX10008 and QFX10016
cert_id 3367 4882
dgst 377ac4e989ab213e 4046c1be5d83b630
heuristics/algorithms ECDSA#1458, SHS#4379, DRBG#2142, HMAC#3617, HMAC#3615, SHS#4381, SHS#4380, CVL#1909, Triple-DES#2746, RSA#2931, DRBG#2141, AES#5459, HMAC#3616 {}
heuristics/extracted_versions 18.1 -
pdf_data/keywords/fips_cert_id
  • Cert:
    • #1909: 1
pdf_data/keywords/fips_security_level
  • Level:
    • Level 1: 3
    • level 1: 3
  • Level:
    • Level 1: 5
    • Level 3: 1
    • Level 8: 1
    • level 1: 3
pdf_data/keywords/fips_certlike
  • Certlike:
    • AES CBC 128/192/256: 1
    • AES GCM 2: 1
    • DRBG 2: 1
    • HMAC SHA-256: 2
    • HMAC SHA1: 1
    • HMAC-SHA-1: 6
    • HMAC-SHA-224: 2
    • HMAC-SHA-256: 2
    • HMAC-SHA-384: 2
    • HMAC-SHA-512: 4
    • RSA 2048: 4
    • RSA 4096: 4
    • SHA 1, 256: 1
    • SHA 256: 2
    • SHA 384: 1
    • SHA 512: 1
    • SHA-1: 6
    • SHA-2-384: 1
    • SHA-2-512: 2
    • SHA-224: 1
    • SHA-256: 10
    • SHA-384: 5
    • SHA-512: 4
    • SHA1: 1
  • Certlike:
    • - PKCS 1: 2
    • AES CBC 128, 192: 1
    • AES CTR 128: 1
    • AES- 128: 1
    • AES- 192: 1
    • AES- 256: 1
    • AES-128: 1
    • AES-192: 1
    • AES-256: 1
    • DRBG 2: 3
    • DRBG 256: 1
    • DRBG 440: 1
    • DRBG2: 14
    • HMAC 198: 2
    • HMAC- SHA-1: 2
    • HMAC-SHA-1: 10
    • PKCS 1: 2
    • RSA 2048: 1
    • RSA2: 1
    • SHA-1: 7
    • SHA-2- 512: 1
    • SHA2- 256: 7
    • SHA2- 512: 3
    • SHA2-256: 23
    • SHA2-384: 4
    • SHA2-512: 15
pdf_data/keywords/symmetric_crypto
  • AES_competition:
    • AES:
      • AES: 7
    • CAST:
      • CAST: 1
  • DES:
    • 3DES:
      • TDES: 1
      • Triple-DES: 5
    • DES:
      • DES: 1
  • constructions:
    • MAC:
      • HMAC: 12
      • HMAC-SHA-224: 1
      • HMAC-SHA-256: 2
      • HMAC-SHA-384: 1
      • HMAC-SHA-512: 1
  • miscellaneous:
    • Blowfish:
      • Blowfish: 1
  • AES_competition:
    • AES:
      • AES: 6
      • AES-: 9
      • AES-128: 1
      • AES-192: 1
      • AES-256: 1
    • CAST:
      • CAST: 51
  • DES:
    • 3DES:
      • TDES: 1
  • constructions:
    • MAC:
      • HMAC: 25
  • miscellaneous:
    • Blowfish:
      • Blowfish: 3
pdf_data/keywords/asymmetric_crypto
  • ECC:
    • ECC:
      • ECC: 1
    • ECDH:
      • ECDH: 8
    • ECDSA:
      • ECDSA: 16
  • FF:
    • DH:
      • DH: 2
      • Diffie-Hellman: 6
    • DSA:
      • DSA: 2
  • RSA:
    • RSA 2048: 4
    • RSA 4096: 4
  • ECC:
    • ECDH:
      • ECDH: 46
    • ECDSA:
      • ECDSA: 79
  • FF:
    • DH:
      • DH: 46
      • Diffie-Hellman: 3
    • DSA:
      • DSA: 3
  • RSA:
    • RSA 2048: 1
pdf_data/keywords/hash_function
  • MD:
    • MD5:
      • MD5: 1
  • SHA:
    • SHA1:
      • SHA-1: 6
      • SHA1: 1
    • SHA2:
      • SHA-224: 2
      • SHA-256: 11
      • SHA-384: 4
      • SHA-512: 4
  • RIPEMD:
    • RIPEMD160: 2
  • SHA:
    • SHA1:
      • SHA-1: 7
pdf_data/keywords/crypto_scheme
  • AEAD:
    • AEAD: 2
  • KA:
    • Key Agreement: 2
  • KEX:
    • Key Exchange: 1
  • KA:
    • Key Agreement: 5
  • MAC:
    • MAC: 3
pdf_data/keywords/crypto_protocol
  • SSH:
    • SSH: 36
  • SSH:
    • SSH: 199
pdf_data/keywords/randomness
  • PRNG:
    • DRBG: 12
  • RNG:
    • RNG: 1
  • PRNG:
    • DRBG: 31
  • RNG:
    • RBG: 2
pdf_data/keywords/cipher_mode
  • CBC:
    • CBC: 5
  • CTR:
    • CTR: 2
  • ECB:
    • ECB: 1
  • GCM:
    • GCM: 2
  • CBC:
    • CBC: 9
  • CTR:
    • CTR: 2
pdf_data/keywords/ecc_curve
  • NIST:
    • P-256: 24
    • P-384: 16
    • P-521: 8
  • NIST:
    • P-256: 56
    • P-384: 20
    • P-521: 16
    • prime256v1: 2
pdf_data/keywords/crypto_library
  • OpenSSL:
    • OpenSSL: 4
  • OpenSSL:
    • OpenSSL: 3
pdf_data/keywords/tee_name
  • AMD:
    • PSP: 9
  • IBM:
    • SSC: 10
pdf_data/keywords/standard_id
  • FIPS:
    • FIPS 140-2: 9
  • NIST:
    • SP 800-133: 1
    • SP 800-135: 2
    • SP 800-38D: 1
    • SP 800-67: 1
    • SP 800-90A: 4
  • X509:
    • X.509: 2
  • FIPS:
    • FIPS 140-3: 13
    • FIPS 180-4: 6
    • FIPS 186-4: 8
    • FIPS 198-1: 4
    • FIPS186: 8
    • FIPS186-4: 30
  • NIST:
    • NIST SP 800-90B: 2
    • SP 800-135: 1
    • SP 800-38A: 3
    • SP 800-56A: 4
    • SP 800-90A: 2
  • PKCS:
    • PKCS 1: 2
  • X509:
    • X.509: 2
pdf_data/policy_metadata
  • /Author: Jennifer Brady
  • /CreationDate: D:20201208090927-05'00'
  • /Creator: Microsoft® Word for Microsoft 365
  • /ModDate: D:20201208090927-05'00'
  • /Producer: Microsoft® Word for Microsoft 365
  • /Subject: FIPS 140-2 Security Policy Template
  • pdf_file_size_bytes: 695147
  • pdf_hyperlinks: {}
  • pdf_is_encrypted: False
  • pdf_number_of_pages: 23
state/policy_pdf_hash Different Different
state/policy_txt_hash Different Different
web_data/caveat When operated in FIPS mode, installed, initialized and configured as specified in Sections 1.2, 1.3 and 6 of the Security Policy. Interim validation. When operated in Approved mode. When installed, initialized and configured as specified in Section 11 of the Security Policy. No assurance of minimum security of SSPs (e.g., keys, bit strings) that are externally loaded, or of SSPs established with externally loaded SSPs.
web_data/certificate_pdf_url https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/FebConsolidated.pdf
web_data/date_sunset 17.11.2026
web_data/description The QFX10000 series of fixed and modular data center spine/core Ethernet switches deliver industry-leading scale, flexibility and openness providing seamless transition from 10GbE and 40GbE interface speeds to 100GbE. Based on our custom Q5 ASICs, these high-performance switches scale from 3 to 96 Tbps of throughput. Juniper Networks QFX10002, QFX10008, QFX10016 are QFX Series switches. The cryptographic module provides for an encrypted connection, using SSH, between the management station and the QFX switch.
web_data/exceptions Roles, Services, and Authentication: Level 3, Design Assurance: Level 3, Mitigation of Other Attacks: N/A, , Roles, services, and authentication: Level 3, Non-invasive security: N/A, Mitigation of other attacks: N/A, Documentation requirements: N/A, Cryptographic module security policy: N/A
web_data/fw_versions J, u, n, o, s, , O, S, , 1, 8, ., 1, R, 1 []
web_data/historical_reason Moved to historical list due to sunsetting
web_data/hw_versions Q, F, X, 1, 0, 0, 0, 2, -, 3, 6, Q, ,, , Q, F, X, 1, 0, 0, 0, 2, -, 7, 2, Q, , a, n, d, , [, Q, F, X, 1, 0, 0, 0, 8, , a, n, d, , Q, F, X, 1, 0, 0, 1, 6, , w, i, t, h, , Q, F, X, 1, 0, 0, 0, 0, , C, o, n, t, r, o, l, , b, o, a, r, d, ] []
web_data/standard FIPS 140-2 FIPS 140-3
web_data/status historical active
web_data/validation_history
  • date: 08.02.2019
  • lab: ACUMEN SECURITY, LLC
  • validation_type: Initial
  • date: 18.11.2024
  • lab: ACUMEN SECURITY, LLC
  • validation_type: Initial
web_data/vendor_url http://www.juniper.net/ http://www.juniper.net