This page was not yet optimized for use on mobile devices.
FortiGate-6300F/6301F/6500F/6501F
Certificate #4608
Webpage information ?
Security policy ?
Symmetric Algorithms
AES-256, AES, HMAC, HMAC-SHA-256Asymmetric Algorithms
ECDH, ECDSA, ECC, Diffie-Hellman, DHHash functions
SHA-1, SHA1, SHA-224, SHA-256, SHA-384, SHA-512Schemes
Key agreementProtocols
SSH, SSL, TLS 1.1, TLS, TLS 1.2, IKE, IKEv2, IKEv1, IPsec, VPNRandomness
DRBG, RBGElliptic Curves
P-256, curve P-256, curve P-384, curve P-521, P-384, P-521, secp256r1, secp384r1, secp521r1, brainpoolP224r1, brainpoolP256r1, brainpoolP384r1, brainpoolP512r1, Curve25519Block cipher modes
CBC, CTR, GCMTrusted Execution Environments
SSCSecurity level
Level 2, level 3Certification process
out of scope, of the validated firmware. Any firmware version that is not shown on the module certificate is out of scope of this validation and requires a separate FIPS 140-2 validation. Figure 1 is representative of theStandards
FIPS 140-2, SP 800-90B, NIST SP 800-90A, SP 800-52, SP 800-133, SP 800-90A, PKCS 1, RFC 7296, RFC 5246, RFC 5288File metadata
| Title | FortiOS 6.x FG-6000-Series FIPS 140-2 Level 2 Security Policy |
|---|---|
| Author | Fortinet Technical Documentation |
| Creation date | D:20230906130718-04'00' |
| Modification date | D:20230907125849-04'00' |
| Pages | 32 |
| Producer | madbuild |
Heuristics ?
References ?
No references are available for this certificate.
Updates ?
-
01.11.2023 The certificate was first processed.
New certificate
A new FIPS 140 certificate with the product name was processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4608,
"dgst": "d6882ad218ce73f7",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"HMAC#C1576",
"HMAC#C1575",
"KAS#A1187",
"CVL#C1575",
"ECDSA#C1576",
"ECDSA#C1578",
"RSA#C1578",
"SHS#C1576",
"RSA#C1576",
"AES#C1575",
"ECDSA#C1575",
"KAS#C1578",
"SHS#C1575",
"HMAC#C1578",
"RSA#A1187",
"RSA#A1252",
"KAS#C1575",
"CVL#C1576",
"KAS#C1576",
"AES#C1549",
"DRBG#C1573",
"AES#C1578",
"SHS#A1187",
"CVL#C1578",
"AES#C1576",
"KAS-SSC#A1187",
"SHS#C1578",
"KTS#C1576"
]
},
"cpe_matches": {
"_type": "Set",
"elements": [
"cpe:2.3:h:fortinet:fortigate-6501f:-:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortigate-6300f:-:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortigate-6500f:-:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortigate_6300f:-:*:*:*:*:*:*:*",
"cpe:2.3:h:fortinet:fortigate_6500f:-:*:*:*:*:*:*:*"
]
},
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"6.2"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 1
},
"ECDH": {
"ECDH": 5
},
"ECDSA": {
"ECDSA": 21
}
},
"FF": {
"DH": {
"DH": 5,
"Diffie-Hellman": 16
}
}
},
"certification_process": {
"OutOfScope": {
"of the validated firmware. Any firmware version that is not shown on the module certificate is out of scope of this validation and requires a separate FIPS 140-2 validation. Figure 1 is representative of the": 1,
"out of scope": 1
}
},
"cipher_mode": {
"CBC": {
"CBC": 3
},
"CTR": {
"CTR": 1
},
"GCM": {
"GCM": 10
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKE": 35,
"IKEv1": 1,
"IKEv2": 3
},
"IPsec": {
"IPsec": 30
},
"SSH": {
"SSH": 17
},
"TLS": {
"SSL": {
"SSL": 3
},
"TLS": {
"TLS": 23,
"TLS 1.1": 4,
"TLS 1.2": 1
}
},
"VPN": {
"VPN": 25
}
},
"crypto_scheme": {
"KA": {
"Key agreement": 2
}
},
"device_model": {},
"ecc_curve": {
"Brainpool": {
"brainpoolP224r1": 1,
"brainpoolP256r1": 1,
"brainpoolP384r1": 1,
"brainpoolP512r1": 1
},
"Curve": {
"Curve25519": 1
},
"NIST": {
"P-256": 13,
"P-384": 11,
"P-521": 9,
"curve P-256": 1,
"curve P-384": 1,
"curve P-521": 1,
"secp256r1": 1,
"secp384r1": 1,
"secp521r1": 1
}
},
"eval_facility": {},
"fips_cert_id": {},
"fips_certlike": {
"Certlike": {
"AES (128": 9,
"AES 128": 2,
"AES 256": 3,
"AES-256": 1,
"DRBG 128": 1,
"HMAC SHA-1": 7,
"HMAC SHA-256": 9,
"HMAC SHA-384": 3,
"HMAC SHA-512": 3,
"HMAC-SHA-256": 4,
"PKCS 1": 1,
"RSA PKCS 1": 1,
"SHA-1": 14,
"SHA-224": 1,
"SHA-256": 13,
"SHA-384": 6,
"SHA-512": 6,
"SHA1": 1,
"SHA2- 512": 2,
"SHA2-256": 2,
"SHA2-384": 2
}
},
"fips_security_level": {
"Level": {
"Level 2": 6,
"level 3": 1
}
},
"hash_function": {
"SHA": {
"SHA1": {
"SHA-1": 14,
"SHA1": 1
},
"SHA2": {
"SHA-224": 1,
"SHA-256": 13,
"SHA-384": 6,
"SHA-512": 6
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 38
},
"RNG": {
"RBG": 1
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-2": 52
},
"NIST": {
"NIST SP 800-90A": 2,
"SP 800-133": 1,
"SP 800-52": 1,
"SP 800-90A": 1,
"SP 800-90B": 1
},
"PKCS": {
"PKCS 1": 1
},
"RFC": {
"RFC 5246": 1,
"RFC 5288": 1,
"RFC 7296": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 29,
"AES-256": 1
}
},
"constructions": {
"MAC": {
"HMAC": 24,
"HMAC-SHA-256": 2
}
}
},
"tee_name": {
"IBM": {
"SSC": 1
}
},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Fortinet Technical Documentation",
"/CreationDate": "D:20230906130718-04\u002700\u0027",
"/Keywords": "",
"/ModDate": "D:20230907125849-04\u002700\u0027",
"/Producer": "madbuild",
"/Subject": "",
"/Title": "FortiOS 6.x FG-6000-Series FIPS 140-2 Level 2 Security Policy",
"pdf_file_size_bytes": 481689,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://docs.fortinet.com/",
"http://www.fortinet.com/contact",
"https://support.fortinet.com/",
"https://fortiguard.com/",
"mailto:[email protected]",
"https://www.fortinet.com/corporate/about-us/privacy.html",
"http://www.fortinet.com/support",
"https://video.fortinet.com/",
"https://training.fortinet.com/",
"http://docs.fortinet.com/",
"http://forticast.fortinet.com/",
"http://kb.fortinet.com/",
"https://blog.fortinet.com/",
"http://www.fortinet.com/products",
"http://fortiguard.com/",
"http://csrc.nist.gov/groups/STM/cmvp/index.html",
"https://www.fortinet.com/doc/legal/EULA.pdf"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 32
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "8e8f30306a0771e885234b7c83d088827eed0942966dadad7a60a90eb6d3aee9",
"policy_txt_hash": "94105a37b3e7fa0dd1604b97bf05a2fe8d9e8c6c5c63953723b74998c1c15bff"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode and installed, initialized and configured as specified in the FIPS 140-2 Compliant Operation Section of the Security Policy with the tamper evident seals and entropy token installed as indicated in the Security Policy. Authentication at level 3 is only applicable when identity-based authentication is enforced for the User role. No assurance of the minimum strength of generated keys",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/September 2023_101023_1100 signed (2).pdf",
"date_sunset": "2026-06-01",
"description": "The FortiGate-6300F/6301F/6500F/6501F are multiple chip, standalone cryptographic modules consisting of production grade components contained in a physically protected enclosure in accordance with FIPS 140-2 Level 2 requirements.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Roles, Services, and Authentication: Level 3"
],
"fw_versions": "FortiOS 6.2 build 5204",
"historical_reason": null,
"hw_versions": "FortiGate-6300F (C1AG83), FortiGate-6301F (C1AG85), FortiGate-6500F (C1AG84) and FortiGate-6501F (C1AG86) with Tamper Evident Seal Kit: FIPS-SEAL-RED",
"level": 2,
"mentioned_certs": {},
"module_name": "FortiGate-6300F/6301F/6500F/6501F",
"module_type": "Hardware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "active",
"sw_versions": null,
"tested_conf": null,
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2023-09-26",
"lab": "Lightship Security, Inc.",
"validation_type": "Initial"
}
],
"vendor": "Fortinet, Inc.",
"vendor_url": "http://www.fortinet.com"
}
}