Network Security Platform Sensor NS7100, NS7200 and NS7300

Certificate #3576

Webpage information

Status historical
Historical reason SP 800-56Arev3 transition
Validation dates 04.12.2019 , 23.03.2020
Standard FIPS 140-2
Security level 2
Type Hardware
Embodiment Multi-Chip Stand Alone
Caveat When operated with the tamper evident seals installed as indicated in the Security Policy
Exceptions
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Description Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks.
Version (Hardware) P/Ns IPS-NS7100 Version 1.00, IPS-NS7200 Version 1.00 and IPS-NS7300 Version 1.00; FIPS Kit P/N IAC-FIPS-KT2
Version (Firmware) 9.1.17.100
Vendor McAfee, LLC
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.
Certificate
Webpage

Security policy

Security target PDF TXT

Symmetric Algorithms
AES, RC4, DES, Triple-DES, HMAC
Asymmetric Algorithms
RSA-2048, RSA 2048, Diffie-Hellman
Hash functions
SHA-1, SHA-256, SHA-512, SHA2, MD5
Schemes
MAC, Key Exchange
Protocols
SSH, TLS 1.2, TLS v1.2, TLS
Randomness
DRBG
Elliptic Curves
P-256
Block cipher modes
ECB, CBC, CTR, GCM
TLS cipher suites
TLS_RSA_WITH_AES_128_GCM_SHA256

Security level
Level 2

Standards
FIPS 140-2, FIPS 186-4, SP 800-133, SP 800-52, SP 800-90A, PKCS #1, RFC 5288

File metadata

Title A. Scope of Document
Author Hanson, Mark
Creation date D:20191127162924-05'00'
Modification date D:20191127162924-05'00'
Pages 22
Creator Microsoft® Word for Office 365
Producer Microsoft® Word for Office 365

Heuristics

Automated inference - use with caution

All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.

References

No references are available for this certificate.

Updates

  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate was first processed.

Raw data 

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 3576,
  "dgst": "e3680aff4c3e0fd6",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "DRBG#C409",
        "HMAC#C409",
        "CVL#C409",
        "SHS#C409",
        "SHS#3960",
        "KTS#409",
        "AES#C409",
        "RSA#2638",
        "RSA#C409",
        "CVL#C410"
      ]
    },
    "cpe_matches": {
      "_type": "Set",
      "elements": [
        "cpe:2.3:a:mcafee:network_security_platform:9.1:*:*:*:*:*:*:*"
      ]
    },
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "1.00",
        "9.1.17.100"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "FF": {
          "DH": {
            "Diffie-Hellman": 3
          }
        },
        "RSA": {
          "RSA 2048": 11,
          "RSA-2048": 2
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 2
        },
        "CTR": {
          "CTR": 5
        },
        "ECB": {
          "ECB": 2
        },
        "GCM": {
          "GCM": 6
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "SSH": {
          "SSH": 25
        },
        "TLS": {
          "TLS": {
            "TLS": 18,
            "TLS 1.2": 5,
            "TLS v1.2": 2
          }
        }
      },
      "crypto_scheme": {
        "KEX": {
          "Key Exchange": 1
        },
        "MAC": {
          "MAC": 1
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "P-256": 6
        }
      },
      "eval_facility": {},
      "fips_cert_id": {
        "Cert": {
          "#1": 1,
          "#2638": 4,
          "#3960": 4
        }
      },
      "fips_certlike": {
        "Certlike": {
          "# C409": 1,
          "AES 128": 2,
          "AES 128/256": 1,
          "AES 256": 1,
          "HMAC SHA-1": 1,
          "HMAC SHA-256": 2,
          "HMAC SHA-512": 2,
          "HMAC-256": 2,
          "HMAC-512": 2,
          "PKCS #1": 1,
          "RSA 2048": 11,
          "RSA PKCS #1": 1,
          "SHA-1": 6,
          "SHA-256": 13,
          "SHA-512": 4,
          "SHA2": 1
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 2": 2
        }
      },
      "hash_function": {
        "MD": {
          "MD5": {
            "MD5": 6
          }
        },
        "SHA": {
          "SHA1": {
            "SHA-1": 6
          },
          "SHA2": {
            "SHA-256": 13,
            "SHA-512": 4,
            "SHA2": 1
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 12
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140-2": 7,
          "FIPS 186-4": 2
        },
        "NIST": {
          "SP 800-133": 3,
          "SP 800-52": 1,
          "SP 800-90A": 2
        },
        "PKCS": {
          "PKCS #1": 1
        },
        "RFC": {
          "RFC 5288": 1
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 16
          },
          "RC": {
            "RC4": 2
          }
        },
        "DES": {
          "3DES": {
            "Triple-DES": 3
          },
          "DES": {
            "DES": 3
          }
        },
        "constructions": {
          "MAC": {
            "HMAC": 13
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {
        "TLS": {
          "TLS_RSA_WITH_AES_128_GCM_SHA256": 1
        }
      },
      "vendor": {},
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Hanson, Mark",
      "/CreationDate": "D:20191127162924-05\u002700\u0027",
      "/Creator": "Microsoft\u00ae Word for Office 365",
      "/ModDate": "D:20191127162924-05\u002700\u0027",
      "/Producer": "Microsoft\u00ae Word for Office 365",
      "/Title": "A. Scope of Document",
      "pdf_file_size_bytes": 560696,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/26000/PD26775/en_US/NSP_91_CLI_Guide_revF_en-us.PDF"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 22
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_json_hash": null,
    "policy_pdf_hash": "b2f219647bc9e37e6a1ba204ad88c122461a21e9ff4c3f714d2187240ba8c27d",
    "policy_txt_hash": "a9812a6df9ddefa59d6ce8a75c67cc13359d56f9651b6a5c31429a5338076f0b"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated with the tamper evident seals installed as indicated in the Security Policy",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/FIPSConsolidatedDec2019.pdf",
    "date_sunset": null,
    "description": "Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Design Assurance: Level 3",
      "Mitigation of Other Attacks: N/A"
    ],
    "fw_versions": "9.1.17.100",
    "historical_reason": "SP 800-56Arev3 transition",
    "hw_versions": "P/Ns IPS-NS7100 Version 1.00, IPS-NS7200 Version 1.00 and IPS-NS7300 Version 1.00; FIPS Kit P/N IAC-FIPS-KT2",
    "level": 2,
    "mentioned_certs": {},
    "module_name": "Network Security Platform Sensor NS7100, NS7200 and NS7300",
    "module_type": "Hardware",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "historical",
    "sw_versions": null,
    "tested_conf": null,
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2019-12-04",
        "lab": "Acumen Security",
        "validation_type": "Initial"
      },
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2020-03-23",
        "lab": "Acumen Security",
        "validation_type": "Update"
      }
    ],
    "vendor": "McAfee, LLC",
    "vendor_url": "http://www.mcafee.com/"
  }
}