Juniper Networks MX2010 and MX2020 3D Universal Edge Routers with REMX2K-X8-64G and RE-MX2000-1800X4-S Routing Engines, MPC9E with MIC-MACSEC-MRATE

Certificate #4387

Webpage information ?

Status active
Validation dates 07.12.2022
Sunset date 21-09-2026
Standard FIPS 140-2
Security level 1
Type Hardware
Embodiment Multi-Chip Stand Alone
Caveat When operated in FIPS mode, installed, initialized and configured as specified in Section 1.2 and 6 of the Security Policy
Exceptions
  • Roles, Services, and Authentication: Level 3
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Description The MX series provides dedicated high-performance processing for flows and sessions and integrates advanced security capabilities that protect the network infrastructure as well as user data.
Version (Hardware) MX2010 and MX2020 with components identified in Security Policy Table 1
Version (Firmware) Junos OS 20.3X75
Vendor Juniper Networks, Inc.
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.

Security policy ?

Symmetric Algorithms
AES, AES128, AES256, CAST, Blowfish, HMAC, HMAC-SHA-256, HMAC-SHA-224, HMAC-SHA-512, CMAC
Asymmetric Algorithms
RSA 2048, ECDH, ECDSA, ECC, DH, Diffie-Hellman, DSA
Hash functions
SHA-1, SHA-256, SHA-512, SHA-224, SHA-384, MD5
Schemes
Key Exchange, Key Agreement
Protocols
SSH
Randomness
DRBG
Libraries
OpenSSL
Elliptic Curves
P-256, P-384, P-521
Block cipher modes
ECB, CBC, CTR, GCM

Security level
Level 1, level 1

Standards
FIPS 140-2, FIPS140-2, FIPS PUB 140-2, SP 800-135, SP 800-90A, SP 800-38D, SP 800-35F, SP 800-108, SP 800-90B, X.509

File metadata

Subject FIPS 140-2 Security Policy Template
Author Jennifer Brady
Creation date D:20221013145148+05'30'
Modification date D:20221013145148+05'30'
Pages 32
Creator Microsoft® Word for Microsoft 365
Producer Microsoft® Word for Microsoft 365

References ?

No references are available for this certificate.

Updates ?

  • 09.02.2023 The certificate data changed.
    Certificate changed

    The cert_id was updated.

    • The new value is 4387.

    The web extraction data was updated.

    • The following values were inserted: {'validation_history': [{'_type': 'sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry', 'date': '2022-12-07', 'validation_type': 'Initial', 'lab': 'ACUMEN SECURITY, LLC'}], 'vendor_url': 'http://www.juniper.net', 'certificate_pdf_url': 'https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/December 2022_030123_0646_signed.pdf', 'hw_versions': 'MX2010 and MX2020 with components identified in Security Policy Table 1', 'fw_versions': 'Junos OS 20.3X75'}.
    • The standard property was set to FIPS 140-2.
    • The status property was set to active.
    • The level property was set to 1.
    • The embodiment property was set to Multi-Chip Stand Alone.
    • The tested_conf property was set to None.
    • The following properties were deleted: ['date_validation', 'algorithms', 'vendor_www', 'lab', 'lab_nvlap', 'security_policy_www', 'certificate_www', 'hw_version', 'fw_version', 'product_url'].

    The PDF extraction data was updated.

    • The following values were inserted: {'policy_metadata': {'pdf_file_size_bytes': 1033406, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 32, '/Author': 'Jennifer Brady', '/Subject': 'FIPS 140-2 Security Policy Template', '/Creator': 'Microsoft® Word for Microsoft 365', '/CreationDate': "D:20221013145148+05'30'", '/ModDate': "D:20221013145148+05'30'", '/Producer': 'Microsoft® Word for Microsoft 365', 'pdf_hyperlinks': {'_type': 'Set', 'elements': ['http://www.juniper.net/', 'https://www.juniper.net/support/downloads/junos.html', 'https://www.juniper.net/content/dam/www/assets/datasheets/us/en/routers/mx2000-universal-routing-platforms-datasheet.pdf']}}}.
    • The following properties were deleted: ['cert_id', 'algorithms', 'clean_cert_ids', 'st_metadata'].

    The computed heuristics were updated.

    • The following values were inserted: {'policy_prunned_references': {'_type': 'Set', 'elements': []}, 'module_prunned_references': {'_type': 'Set', 'elements': []}, 'policy_processed_references': {'_type': 'sec_certs.sample.certificate.References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}, 'module_processed_references': {'_type': 'sec_certs.sample.certificate.References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}, 'direct_transitive_cves': None, 'indirect_transitive_cves': None}.
    • The algorithms property was set to {'_type': 'Set', 'elements': ['CVL#A2286', 'SHS#A2286', 'DRBG#A2283', 'HMAC#A2287', 'DRBG#A2286', 'KAS-SSC#A2286', 'ECDSA#A2286', 'DRBG#A2287', 'HMAC#A2286', 'HMAC#A2284', 'KTS#A2286', 'AES#4545', 'AES#A2285', 'HMAC#A2283', 'SHS#A2283', 'RSA#A2286', 'KBKDF#A2285', 'AES#A2286', 'SHS#A2287', 'SHS#A2284']}.
    • The following properties were deleted: ['keywords', 'unmatched_algs', 'clean_cert_ids', 'st_references', 'web_references'].

    The state was updated.

    • The following values were inserted: {'module_download_ok': True, 'policy_download_ok': True, 'policy_convert_garbage': False, 'policy_convert_ok': True, 'module_extract_ok': True, 'policy_extract_ok': True, 'policy_pdf_hash': '83bbf8d8f0870a989bf20c0aacb8aebefadb50386a56f6ff18bb2892efad5780', 'policy_txt_hash': '2249823deeda31142e67e91c70acd349086644c37965be0c590ad6b9d0d69000'}.
    • The following properties were deleted: ['sp_path', 'html_path', 'tables_done', 'file_status', 'txt_state'].
  • 08.12.2022 The certificate was first processed.
    New certificate

    A new FIPS 140 certificate with the product name was processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4387,
  "dgst": "9430301e26927415",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "HMAC#A2283",
        "HMAC#A2286",
        "DRBG#A2286",
        "SHS#A2287",
        "RSA#A2286",
        "SHS#A2286",
        "HMAC#A2287",
        "AES#4545",
        "DRBG#A2287",
        "KAS-SSC#A2286",
        "AES#A2285",
        "HMAC#A2284",
        "SHS#A2284",
        "AES#A2286",
        "SHS#A2283",
        "KBKDF#A2285",
        "DRBG#A2283",
        "CVL#A2286",
        "KTS#A2286",
        "ECDSA#A2286"
      ]
    },
    "cpe_matches": {
      "_type": "Set",
      "elements": [
        "cpe:2.3:h:juniper:mx2010:-:*:*:*:*:*:*:*",
        "cpe:2.3:h:juniper:mx2020:-:*:*:*:*:*:*:*"
      ]
    },
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "20.3"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 2
          },
          "ECDH": {
            "ECDH": 9
          },
          "ECDSA": {
            "ECDSA": 18
          }
        },
        "FF": {
          "DH": {
            "DH": 3,
            "Diffie-Hellman": 7
          },
          "DSA": {
            "DSA": 2
          }
        },
        "RSA": {
          "RSA 2048": 7
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 4
        },
        "CTR": {
          "CTR": 3
        },
        "ECB": {
          "ECB": 2
        },
        "GCM": {
          "GCM": 4
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {
        "OpenSSL": {
          "OpenSSL": 4
        }
      },
      "crypto_protocol": {
        "SSH": {
          "SSH": 42
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 3
        },
        "KEX": {
          "Key Exchange": 1
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "P-256": 26,
          "P-384": 10,
          "P-521": 14
        }
      },
      "eval_facility": {},
      "fips_cert_id": {},
      "fips_certlike": {
        "Certlike": {
          "AES (128": 1,
          "AES CBC 128/192/256": 1,
          "AES1": 1,
          "AES128": 1,
          "AES256": 1,
          "HMAC SHA-1": 1,
          "HMAC SHA-256": 4,
          "HMAC-SHA- 256": 2,
          "HMAC-SHA- 512": 2,
          "HMAC-SHA-1": 6,
          "HMAC-SHA-224": 2,
          "HMAC-SHA-256": 6,
          "HMAC-SHA-512": 2,
          "RSA 2048": 7,
          "RSA2": 1,
          "SHA 1, 256": 1,
          "SHA 256": 5,
          "SHA 384": 2,
          "SHA 512": 2,
          "SHA-1": 7,
          "SHA-224": 2,
          "SHA-256": 12,
          "SHA-384": 4,
          "SHA-512": 4
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 3,
          "level 1": 3
        }
      },
      "hash_function": {
        "MD": {
          "MD5": {
            "MD5": 1
          }
        },
        "SHA": {
          "SHA1": {
            "SHA-1": 7
          },
          "SHA2": {
            "SHA-224": 2,
            "SHA-256": 15,
            "SHA-384": 2,
            "SHA-512": 5
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 12
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140-2": 12,
          "FIPS PUB 140-2": 1,
          "FIPS140-2": 1
        },
        "NIST": {
          "SP 800-108": 4,
          "SP 800-135": 2,
          "SP 800-35F": 1,
          "SP 800-38D": 2,
          "SP 800-90A": 4,
          "SP 800-90B": 1
        },
        "X509": {
          "X.509": 2
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 14,
            "AES128": 1,
            "AES256": 1
          },
          "CAST": {
            "CAST": 1
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 5,
            "HMAC": 18,
            "HMAC-SHA-224": 1,
            "HMAC-SHA-256": 3,
            "HMAC-SHA-512": 1
          }
        },
        "miscellaneous": {
          "Blowfish": {
            "Blowfish": 1
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Jennifer Brady",
      "/CreationDate": "D:20221013145148+05\u002730\u0027",
      "/Creator": "Microsoft\u00ae Word for Microsoft 365",
      "/ModDate": "D:20221013145148+05\u002730\u0027",
      "/Producer": "Microsoft\u00ae Word for Microsoft 365",
      "/Subject": "FIPS 140-2 Security Policy Template",
      "pdf_file_size_bytes": 1033406,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "http://www.juniper.net/",
          "https://www.juniper.net/support/downloads/junos.html",
          "https://www.juniper.net/content/dam/www/assets/datasheets/us/en/routers/mx2000-universal-routing-platforms-datasheet.pdf"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 32
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_garbage": false,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_pdf_hash": "83bbf8d8f0870a989bf20c0aacb8aebefadb50386a56f6ff18bb2892efad5780",
    "policy_txt_hash": "2249823deeda31142e67e91c70acd349086644c37965be0c590ad6b9d0d69000"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Section 1.2 and 6 of the Security Policy",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/December 2022_030123_0646_signed.pdf",
    "date_sunset": "2026-09-21",
    "description": "The MX series provides dedicated high-performance processing for flows and sessions and integrates advanced security capabilities that protect the network infrastructure as well as user data.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Roles, Services, and Authentication: Level 3",
      "Design Assurance: Level 3",
      "Mitigation of Other Attacks: N/A"
    ],
    "fw_versions": "Junos OS 20.3X75",
    "historical_reason": null,
    "hw_versions": "MX2010 and MX2020 with components identified in Security Policy Table 1",
    "level": 1,
    "mentioned_certs": {},
    "module_name": "Juniper Networks MX2010 and MX2020 3D Universal Edge Routers with REMX2K-X8-64G and RE-MX2000-1800X4-S Routing Engines, MPC9E with MIC-MACSEC-MRATE",
    "module_type": "Hardware",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "active",
    "sw_versions": null,
    "tested_conf": null,
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2022-12-07",
        "lab": "ACUMEN SECURITY, LLC",
        "validation_type": "Initial"
      }
    ],
    "vendor": "Juniper Networks, Inc.",
    "vendor_url": "http://www.juniper.net"
  }
}