PTX10008 and PTX10016 Packet Transport Routers with Routing Engine JNP10K-RE0 and MACsec Line Card LC1105-M

Certificate #4502

Webpage information ?

Status active
Validation dates 03.05.2023
Sunset date 21-09-2026
Standard FIPS 140-2
Security level 1
Type Hardware
Embodiment Multi-Chip Stand Alone
Caveat When operated in FIPS mode, installed, initialized and configured as specified in Section 1.2 and 6 of the Security Policy
Exceptions
  • Roles, Services, and Authentication: Level 3
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Description The Juniper Networks PTX10000 line of Packet Transport Routers brings physical and virtual innovations to the cloud and service provider networks. These next-generation modular routers help network operators achieve their business goals while effectively handling current and future traffic demands through automation, optimization, and programmability.
Version (Hardware) PTX10008 and PTX10016 with components identified in Security Policy Table 1
Version (Firmware) Junos OS 20.3X75
Vendor Juniper Networks, Inc.
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.

Security policy ?

Symmetric Algorithms
AES, AES128, AES256, CAST, Blowfish, HMAC, HMAC-SHA-256, HMAC-SHA-224, HMAC-SHA-512, CMAC
Asymmetric Algorithms
RSA 2048, ECDH, ECDSA, ECC, DH, Diffie-Hellman, DSA
Hash functions
SHA-1, SHA-256, SHA-512, SHA-224, SHA-384, MD5
Schemes
Key Exchange, Key Agreement
Protocols
SSH
Randomness
DRBG
Libraries
OpenSSL
Elliptic Curves
P-256, P-384, P-521
Block cipher modes
ECB, CBC, CTR, GCM

Security level
Level 1, level 1

Standards
FIPS 140-2, FIPS140-2, FIPS PUB 140-2, SP 800-135, SP 800-90A, SP 800-108, SP 800-90B, X.509

File metadata

Subject FIPS 140-2 Security Policy Template
Author Jennifer Brady
Creation date D:20230410140626+05'30'
Modification date D:20230410140626+05'30'
Pages 30
Creator Microsoft® Word for Microsoft 365
Producer Microsoft® Word for Microsoft 365

References ?

No references are available for this certificate.

Updates ?

  • 26.06.2023 The certificate data changed.
    Certificate changed

    The web extraction data was updated.

    • The certificate_pdf_url property was set to https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/May 2023_010623_0642.pdf.
  • 18.05.2023 The certificate was first processed.
    New certificate

    A new FIPS 140 certificate with the product name was processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4502,
  "dgst": "daa1dbb904b938c7",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "ECDSA#A2359",
        "CVL#A2359",
        "AES#4369",
        "HMAC#A2356",
        "HMAC#A2359",
        "RSA#A2359",
        "AES#A2286",
        "KAS-SSC#A2359",
        "DRBG#A2356",
        "DRBG#A2360",
        "KTS#A2359",
        "KBKDF#A2358",
        "HMAC#A2357",
        "SHS#A2357",
        "SHS#A2360",
        "SHS#A2359",
        "HMAC#A2360",
        "SHS#A2356",
        "AES#A2358",
        "AES#A2359",
        "KAS#A2359",
        "DRBG#A2359"
      ]
    },
    "cpe_matches": {
      "_type": "Set",
      "elements": [
        "cpe:2.3:h:juniper:ptx10016:-:*:*:*:*:*:*:*",
        "cpe:2.3:h:juniper:ptx1000:-:*:*:*:*:*:*:*",
        "cpe:2.3:h:juniper:ptx10008:-:*:*:*:*:*:*:*"
      ]
    },
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "20.3"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 1
          },
          "ECDH": {
            "ECDH": 9
          },
          "ECDSA": {
            "ECDSA": 18
          }
        },
        "FF": {
          "DH": {
            "DH": 2,
            "Diffie-Hellman": 7
          },
          "DSA": {
            "DSA": 2
          }
        },
        "RSA": {
          "RSA 2048": 7
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 3
        },
        "CTR": {
          "CTR": 2
        },
        "ECB": {
          "ECB": 2
        },
        "GCM": {
          "GCM": 4
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {
        "OpenSSL": {
          "OpenSSL": 4
        }
      },
      "crypto_protocol": {
        "SSH": {
          "SSH": 42
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 4
        },
        "KEX": {
          "Key Exchange": 1
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "P-256": 30,
          "P-384": 14,
          "P-521": 16
        }
      },
      "eval_facility": {},
      "fips_cert_id": {},
      "fips_certlike": {
        "Certlike": {
          "AES (128": 1,
          "AES CBC 128/192/256": 1,
          "AES128": 1,
          "AES2": 1,
          "AES256": 1,
          "HMAC SHA-256": 3,
          "HMAC-SHA-1": 8,
          "HMAC-SHA-224": 2,
          "HMAC-SHA-256": 10,
          "HMAC-SHA-512": 4,
          "RSA 2048": 7,
          "RSA2": 1,
          "SHA 1, 256": 1,
          "SHA 256": 5,
          "SHA 384": 2,
          "SHA 512": 2,
          "SHA-1": 6,
          "SHA-11": 1,
          "SHA-224": 2,
          "SHA-256": 11,
          "SHA-384": 4,
          "SHA-512": 4
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 3,
          "level 1": 3
        }
      },
      "hash_function": {
        "MD": {
          "MD5": {
            "MD5": 1
          }
        },
        "SHA": {
          "SHA1": {
            "SHA-1": 6
          },
          "SHA2": {
            "SHA-224": 2,
            "SHA-256": 14,
            "SHA-384": 2,
            "SHA-512": 5
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 12
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140-2": 12,
          "FIPS PUB 140-2": 1,
          "FIPS140-2": 1
        },
        "NIST": {
          "SP 800-108": 4,
          "SP 800-135": 2,
          "SP 800-90A": 4,
          "SP 800-90B": 2
        },
        "X509": {
          "X.509": 2
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 14,
            "AES128": 1,
            "AES256": 1
          },
          "CAST": {
            "CAST": 1
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 5,
            "HMAC": 16,
            "HMAC-SHA-224": 1,
            "HMAC-SHA-256": 6,
            "HMAC-SHA-512": 1
          }
        },
        "miscellaneous": {
          "Blowfish": {
            "Blowfish": 1
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Jennifer Brady",
      "/CreationDate": "D:20230410140626+05\u002730\u0027",
      "/Creator": "Microsoft\u00ae Word for Microsoft 365",
      "/ModDate": "D:20230410140626+05\u002730\u0027",
      "/Producer": "Microsoft\u00ae Word for Microsoft 365",
      "/Subject": "FIPS 140-2 Security Policy Template",
      "pdf_file_size_bytes": 928693,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "https://www.juniper.net/content/dam/www/assets/datasheets/us/en/routers/ptx10000-line-of-packet-transport-routers-datasheet.pdf",
          "https://www.juniper.net/support/downloads/junos.html",
          "http://www.juniper.net/"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 30
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_garbage": false,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_pdf_hash": "205e76eb43c62b7c7580a46c97b3d3b933161c912c3be41c48340d20b9aada2b",
    "policy_txt_hash": "fdced3886ad9691120659ccac48ed076056e878daedb2c63ab021a35947c0f84"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 1.2 and 6 of the Security Policy",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/May 2023_010623_0642.pdf",
    "date_sunset": "2026-09-21",
    "description": "The Juniper Networks PTX10000 line of Packet Transport Routers brings physical and virtual innovations to the cloud and service provider networks. These next-generation modular routers help network operators achieve their business goals while effectively handling current and future traffic demands through automation, optimization, and programmability.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Roles, Services, and Authentication: Level 3",
      "Design Assurance: Level 3",
      "Mitigation of Other Attacks: N/A"
    ],
    "fw_versions": "Junos OS 20.3X75",
    "historical_reason": null,
    "hw_versions": "PTX10008 and PTX10016 with components identified in Security Policy Table 1",
    "level": 1,
    "mentioned_certs": {},
    "module_name": "PTX10008 and PTX10016 Packet Transport Routers with Routing Engine JNP10K-RE0 and MACsec Line Card LC1105-M",
    "module_type": "Hardware",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "active",
    "sw_versions": null,
    "tested_conf": null,
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2023-05-03",
        "lab": "ACUMEN SECURITY, LLC",
        "validation_type": "Initial"
      }
    ],
    "vendor": "Juniper Networks, Inc.",
    "vendor_url": "http://www.juniper.net"
  }
}