This page was not yet optimized for use on mobile
devices.
Juniper Networks SRX1500, SRX4100, SRX4200 and SRX4600 Services Gateways
Certificate #4664
Webpage information
Security policy
Symmetric Algorithms
AES, CAST, DES, Triple-DES, TDES, TDEA, Blowfish, HMAC, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512Asymmetric Algorithms
RSA 4096, RSA 2048, RSA 3072, ECDH, ECDSA, ECC, DH, Diffie-Hellman, DSAHash functions
SHA-1, SHA-256, SHA-384, SHA-512, MD5Schemes
Key Exchange, Key Agreement, AEADProtocols
SSH, SSHv2, IKE, IKEv2, IKEv1, IPsec, VPNRandomness
DRBG, RNGLibraries
OpenSSLElliptic Curves
P-256, P-384, P-521, P-512Block cipher modes
CBC, CTR, GCMSecurity level
Level 2, Level 1, level 2Standards
FIPS 140-2, FIPS140-2, FIPS PUB 140-2, SP 800-67, SP 800-135, SP 800-90A, SP 800-131A, RFC 2409, RFC7296, RFC5282, RFC4106, RFC 4253, X.509File metadata
| Creation date | D:20231120160757-05'00' |
|---|---|
| Modification date | D:20231120160757-05'00' |
| Pages | 35 |
Heuristics
Automated inference - use with caution
All attributes shown in this section (e.g., links between certificates, products, vendors, and known CVEs) are generated by automated heuristics and have not been reviewed by humans. These methods can produce false positives or false negatives and should not be treated as definitive without independent verification. For details on our data sources and inference methods, see our methodology. If you believe any information here is inaccurate or harmful, please submit feedback.References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4664,
"dgst": "e94e063888d213e0",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"CVL#C1050",
"Triple-DES#C1046",
"HMAC#C1049",
"DRBG#C1049",
"SHS#C1045",
"KTS#C1049",
"CVL#C1045",
"HMAC#C1044",
"SHS#C1049",
"HMAC#C1045",
"DRBG#C1044",
"Triple-DES#C1049",
"Triple-DES#C1045",
"SHS#C1044",
"AES#C1049",
"ECDSA#C1045",
"ECDSA#C1049",
"DRBG#C1045",
"RSA#C1049",
"SHS#C1046",
"HMAC#C1046",
"RSA#C1045",
"HMAC#C1043",
"SHS#C1043",
"CVL#C1049",
"AES#C1045",
"AES#C1046"
]
},
"cpe_matches": {
"_type": "Set",
"elements": [
"cpe:2.3:h:juniper:srx4200:-:*:*:*:*:*:*:*",
"cpe:2.3:h:juniper:srx1500:-:*:*:*:*:*:*:*",
"cpe:2.3:h:juniper:srx4100:-:*:*:*:*:*:*:*",
"cpe:2.3:h:juniper:srx4600:-:*:*:*:*:*:*:*"
]
},
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"19.2"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 3
},
"ECDH": {
"ECDH": 9
},
"ECDSA": {
"ECDSA": 25
}
},
"FF": {
"DH": {
"DH": 13,
"Diffie-Hellman": 9
},
"DSA": {
"DSA": 3
}
},
"RSA": {
"RSA 2048": 16,
"RSA 3072": 2,
"RSA 4096": 10
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 8
},
"CTR": {
"CTR": 2
},
"GCM": {
"GCM": 11
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 3
}
},
"crypto_protocol": {
"IKE": {
"IKE": 30,
"IKEv1": 6,
"IKEv2": 9
},
"IPsec": {
"IPsec": 27
},
"SSH": {
"SSH": 35,
"SSHv2": 2
},
"VPN": {
"VPN": 1
}
},
"crypto_scheme": {
"AEAD": {
"AEAD": 3
},
"KA": {
"Key Agreement": 3
},
"KEX": {
"Key Exchange": 2
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-256": 46,
"P-384": 20,
"P-512": 2,
"P-521": 4
}
},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#1": 3,
"#10": 3,
"#11": 1,
"#12": 1,
"#13": 1,
"#15": 1,
"#2": 2,
"#3": 2,
"#4": 3,
"#5": 3,
"#6": 2,
"#7": 3,
"#8": 4,
"#9": 4
}
},
"fips_certlike": {
"Certlike": {
"# C1045": 1,
"# C1049": 2,
"AES CBC 128/192/256": 5,
"DES9": 1,
"DRBG 2": 1,
"HMAC SHA-1": 1,
"HMAC SHA-256": 5,
"HMAC- SHA-1-96": 1,
"HMAC- SHA-256": 2,
"HMAC- SHA-256 10": 1,
"HMAC- SHA-384": 1,
"HMAC- SHA1-96": 1,
"HMAC-SHA-1": 4,
"HMAC-SHA-256": 6,
"HMAC-SHA-384": 2,
"HMAC-SHA-512": 2,
"RSA 2048": 16,
"RSA 3072": 2,
"RSA 4096": 10,
"SHA 1, 256": 1,
"SHA 256": 12,
"SHA 384": 2,
"SHA 512": 1,
"SHA- 256": 1,
"SHA- 384": 1,
"SHA- 512": 1,
"SHA-1": 10,
"SHA-1-96": 1,
"SHA-256": 19,
"SHA-384": 4,
"SHA-512": 3,
"SHA1-96": 1
}
},
"fips_security_level": {
"Level": {
"Level 1": 1,
"Level 2": 2,
"level 2": 1
}
},
"hash_function": {
"MD": {
"MD5": {
"MD5": 1
}
},
"SHA": {
"SHA1": {
"SHA-1": 10
},
"SHA2": {
"SHA-256": 22,
"SHA-384": 4,
"SHA-512": 2
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 19
},
"RNG": {
"RNG": 2
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-2": 7,
"FIPS PUB 140-2": 1,
"FIPS140-2": 1
},
"NIST": {
"SP 800-131A": 9,
"SP 800-135": 2,
"SP 800-67": 3,
"SP 800-90A": 7
},
"RFC": {
"RFC 2409": 1,
"RFC 4253": 1,
"RFC4106": 2,
"RFC5282": 1,
"RFC7296": 1
},
"X509": {
"X.509": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 28
},
"CAST": {
"CAST": 1
}
},
"DES": {
"3DES": {
"TDEA": 1,
"TDES": 3,
"Triple-DES": 32
},
"DES": {
"DES": 1
}
},
"constructions": {
"MAC": {
"HMAC": 29,
"HMAC-SHA-256": 3,
"HMAC-SHA-384": 1,
"HMAC-SHA-512": 1
}
},
"miscellaneous": {
"Blowfish": {
"Blowfish": 1
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/CreationDate": "D:20231120160757-05\u002700\u0027",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_ActionId": "6a692e55-8dd3-476c-98c1-17e47ba4343b",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_ContentBits": "0",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_Enabled": "true",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_Method": "Privileged",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_Name": "Unrestricted",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_SetDate": "2023-11-20T21:07:35Z",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_SiteId": "b64da4ac-e800-4cfc-8931-e607f720a1b8",
"/ModDate": "D:20231120160757-05\u002700\u0027",
"pdf_file_size_bytes": 1575923,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=31443",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=31440",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=31446",
"https://www.juniper.net/assets/us/en/local/pdf/datasheets/1000551-en.pdf",
"http://www.juniper.net/assets/de/de/local/pdf/datasheets/1000600-en.pdf",
"https://teronlabs.sharepoint.com/sites/AISEF/Shared%20Documents/Consulting/Juniper%20(B190402)%20FIPS%20Junos%2019.2R1%20for%20SRX%20%20SL2/5%20-%20Working/Security%20Policy/SRX%20TVP/Junos%2019.2R1%20SRX1500_4100_4200_SRX4600_Security_Policy_v1.2-clean.docx#_Toc106224991",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=31441",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=31442",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=31447",
"https://www.juniper.net/assets/us/en/local/pdf/datasheets/1000628-en.pdf"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 35
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_json_hash": null,
"policy_pdf_hash": "a10d06811f08522822fb90a49130b9b379ba21806c7d175036ea5eb712a06778",
"policy_txt_hash": "20d642e82bbac5d477ca6c78e4e48b4dc0ae2ff2d99b29a06b0d6e842523e349"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 1.2 and 6 of the Security Policy",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/November 2023_111223_0648_signed.pdf",
"date_sunset": null,
"description": "The SRX1500, SRX4100, SRX4200 and SRX4600 Service Gateways offer outstanding protection, performance, scalability, availability, and integrated security services. Designed for high-performance security services architecture, and seamless integration of networking and security in a single platform, the SRX1500, SRX4100, SRX4200 and SRX 4600 are best suited for campuses, regional headquarters and enterprise data centers with a focus on application visibility and control, intrusion prevention, advanced threat protection, authentication, confidentiality of information, and integrated cloud-based security.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Roles, Services, and Authentication: Level 3",
"Design Assurance: Level 3",
"Mitigation of Other Attacks: N/A"
],
"fw_versions": "JUNOS OS 19.2R1",
"historical_reason": "Moved to historical list due to sunsetting",
"hw_versions": "[SRX1500 SYS-JB-AC, SRX1500 SYS-JB-DC, SRX4100 SYS-JB-AC, SRX4100 SYS-JB-DC, SRX4200 SYS-JB-AC, SRX4200 SYS-JB-DC, SRX4600 (AC), SRX4600 (DC)] with JNPR-FIPS-TAMPER-LBLS",
"level": 2,
"mentioned_certs": {},
"module_name": "Juniper Networks SRX1500, SRX4100, SRX4200 and SRX4600 Services Gateways",
"module_type": "Hardware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "historical",
"sw_versions": null,
"tested_conf": null,
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2023-11-28",
"lab": "Leidos Accredited Testing \u0026 Evaluation (AT\u0026E) Lab",
"validation_type": "Initial"
}
],
"vendor": "Juniper Networks, Inc",
"vendor_url": "http://www.juniper.net"
}
}