This page was not yet optimized for use on mobile
devices.
Juniper Networks EX4300 Ethernet Switches
Certificate #3358
Webpage information
Security policy
Symmetric Algorithms
AES, DES, Triple-DES, TDES, TDEA, HMAC, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512, CMACAsymmetric Algorithms
RSA 4096, RSA 2048, ECDH, ECDSA, ECC, DH, Diffie-Hellman, DSAHash functions
SHA-1, SHA-256, SHA-384, SHA-512, SHA256, MD5Schemes
Key Exchange, Key Agreement, AEADProtocols
SSH, SSHv2Randomness
DRBG, RNGLibraries
OpenSSLElliptic Curves
P-256, P-384, P-521Block cipher modes
ECB, CBC, CTR, GCMSecurity level
Level 1, level 1Certification process
out of scope, version of firmware is Junos OS 17.4 R1-S4. Any other version of firmware loaded onto the module is out of scope for this validation. The image for the hardware platforms is: • jinstall-ex-4300-17.4R1-S4-signedStandards
FIPS 140-2, FIPS140-2, FIPS PUB 140-2, SP 800-67, SP 800-135, SP 800-108, SP 800-90A, RFC 4253, X.509File metadata
| Subject | FIPS 140-2 Security Policy Template |
|---|---|
| Author | Jennifer Brady |
| Creation date | D:20201130100800-05'00' |
| Modification date | D:20201130100800-05'00' |
| Pages | 30 |
| Creator | Microsoft® Word for Microsoft 365 |
| Producer | Microsoft® Word for Microsoft 365 |
Heuristics
Automated inference - use with caution
All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.CPE matches
References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 3358,
"dgst": "e4ef2cbd84c9acfc",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"AES#5332",
"RSA#2956",
"AES#5509",
"ECDSA#1479",
"KTS#2773",
"HMAC#3663",
"CVL#1956",
"HMAC#3665",
"AES#5506",
"SHS#4419",
"AES#1269",
"Triple-DES#2773",
"DRBG#2177",
"KBKDF#229",
"SHS#4420",
"SHS#4421",
"HMAC#3664",
"KTS#3665"
]
},
"cpe_matches": {
"_type": "Set",
"elements": [
"cpe:2.3:h:juniper:ex4300:-:*:*:*:*:*:*:*"
]
},
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"17.4"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 1
},
"ECDH": {
"ECDH": 11
},
"ECDSA": {
"ECDSA": 17
}
},
"FF": {
"DH": {
"DH": 3,
"Diffie-Hellman": 10
},
"DSA": {
"DSA": 2
}
},
"RSA": {
"RSA 2048": 4,
"RSA 4096": 4
}
},
"certification_process": {
"OutOfScope": {
"out of scope": 1,
"version of firmware is Junos OS 17.4 R1-S4. Any other version of firmware loaded onto the module is out of scope for this validation. The image for the hardware platforms is: \u2022 jinstall-ex-4300-17.4R1-S4-signed": 1
}
},
"cipher_mode": {
"CBC": {
"CBC": 4
},
"CTR": {
"CTR": 3
},
"ECB": {
"ECB": 2
},
"GCM": {
"GCM": 5
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 4
}
},
"crypto_protocol": {
"SSH": {
"SSH": 46,
"SSHv2": 2
}
},
"crypto_scheme": {
"AEAD": {
"AEAD": 1
},
"KA": {
"Key Agreement": 3
},
"KEX": {
"Key Exchange": 1
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-256": 28,
"P-384": 18,
"P-521": 12
}
},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"# 2773": 1,
"# 3665": 2,
"# 5506": 1,
"#1956": 1,
"#5509": 1
}
},
"fips_certlike": {
"Certlike": {
"AES #5509": 1,
"AES 128": 1,
"AES 128, 256": 1,
"AES CBC 128/192/256": 1,
"AES CMAC (128": 1,
"AES Cert. # 5506": 1,
"AES GCM 2": 1,
"AES-GCM (128": 2,
"DRBG 2": 1,
"HMAC Cert. # 3665": 4,
"HMAC SHA-256": 1,
"HMAC- SHA256": 1,
"HMAC-SHA- 256": 2,
"HMAC-SHA-1": 6,
"HMAC-SHA-1- 96": 2,
"HMAC-SHA-256": 6,
"HMAC-SHA-384": 2,
"HMAC-SHA-512": 2,
"RSA 2048": 4,
"RSA 4096": 4,
"RSA2": 1,
"SHA 1, 256": 1,
"SHA 256": 4,
"SHA 384": 2,
"SHA 512": 2,
"SHA-1": 6,
"SHA-256": 5,
"SHA-384": 2,
"SHA-512": 4,
"SHA256": 1
}
},
"fips_security_level": {
"Level": {
"Level 1": 3,
"level 1": 3
}
},
"hash_function": {
"MD": {
"MD5": {
"MD5": 2
}
},
"SHA": {
"SHA1": {
"SHA-1": 6
},
"SHA2": {
"SHA-256": 10,
"SHA-384": 1,
"SHA-512": 3,
"SHA256": 1
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 7
},
"RNG": {
"RNG": 2
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-2": 14,
"FIPS PUB 140-2": 1,
"FIPS140-2": 1
},
"NIST": {
"SP 800-108": 4,
"SP 800-135": 1,
"SP 800-67": 1,
"SP 800-90A": 2
},
"RFC": {
"RFC 4253": 1
},
"X509": {
"X.509": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 19
}
},
"DES": {
"3DES": {
"TDEA": 1,
"TDES": 1,
"Triple-DES": 5
},
"DES": {
"DES": 2
}
},
"constructions": {
"MAC": {
"CMAC": 5,
"HMAC": 10,
"HMAC-SHA-256": 3,
"HMAC-SHA-384": 1,
"HMAC-SHA-512": 1
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Jennifer Brady",
"/CreationDate": "D:20201130100800-05\u002700\u0027",
"/Creator": "Microsoft\u00ae Word for Microsoft 365",
"/ModDate": "D:20201130100800-05\u002700\u0027",
"/Producer": "Microsoft\u00ae Word for Microsoft 365",
"/Subject": "FIPS 140-2 Security Policy Template",
"pdf_file_size_bytes": 847747,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://www.juniper.net/support/downloads/junos.html",
"https://www.juniper.net/documentation/en_US/release-independent/junos/information-products/topic-collections/hardware/ex-series/ex4300/book-hw-ex4300.pdf"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 30
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_json_hash": null,
"policy_pdf_hash": "8d7f1b71dae75fdab6741b825ac4c65b35f8f9c0b861dbe63c626f9a6b8a84a1",
"policy_txt_hash": "97d08d99a951ac1c8f6147ea55ef4bedc8538d9c9edf858bbf5d4ae07ee96524"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 1.3 and 6 of the Security Policy.",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/FebConsolidated.pdf",
"date_sunset": null,
"description": "Juniper Networks EX4300 Ethernet Switches combine the carrier-class reliability with the economics of stackable platforms, delivering a high-performance, scalable solution for data center and campus office environments. Offering a full suite of Layer 2 and Layer 3 switching capabilities. EX4300 switches offer 24, 32 or 48-port 10/100/1000BASE-T with redundant, hot-swappable power supplies and Power over Ethernet (PoE). The EX 4300 family supports 1Gigabit and 10 Gigabit MACSec support in both FIPS mode and non FIPS mode of operation as of Junos release 17.4R1-S4.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Roles, Services, and Authentication: Level 3",
"Design Assurance: Level 3",
"Mitigation of Other Attacks: N/A"
],
"fw_versions": "Junos OS 17.4R1-S4",
"historical_reason": "Moved to historical list due to sunsetting",
"hw_versions": "[EX4300-24P, EX4300-24T and EX4300-48T with component EX-UM-4X4SFP] and [EX4300-32F with component EX-UM-8X8SFP]",
"level": 1,
"mentioned_certs": {},
"module_name": "Juniper Networks EX4300 Ethernet Switches",
"module_type": "Hardware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "historical",
"sw_versions": null,
"tested_conf": null,
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2019-02-04",
"lab": "Acumen Security",
"validation_type": "Initial"
},
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2021-03-12",
"lab": "Acumen Security",
"validation_type": "Update"
}
],
"vendor": "Juniper Networks, Inc.",
"vendor_url": "http://www.juniper.net/"
}
}