This page was not yet optimized for use on mobile devices.
Edge SWG
Certificate #4873
Webpage information ?
Security policy ?
Symmetric Algorithms
AES, AES-128, AES-192, AES-256, CAST, HMACAsymmetric Algorithms
RSA 2048, ECDH, Diffie-Hellman, DHHash functions
SHA-1, SHA1, SHA2, SHA3-256, MD5, PBKDFSchemes
Key AgreementProtocols
SSH, SSL, TLS v1.2, TLS v1.3, TLS, TLS 1.2, TLS 1.3Randomness
DRBGBlock cipher modes
CBC, CTR, GCMTrusted Execution Environments
PSPVendor
Broadcom, Broadcom Inc, MicrosoftSecurity level
Level 1, level 1Certification process
out of scope, Dell PowerEdge R440 andS410Server) and out of scope of this validation, and physical indicators are those of the host system (Dell PowerEdge R440 andS410Server) and out of scope of this validation. The hypervisor provides virtualized ports and interfaces for the moduleStandards
FIPS 140-3, FIPS 197, FIPS 198-1, FIPS 186-4, FIPS 180-4, SP 800-90B, PKCS1, PKCS7, RFC8446, RFC5288, RFC4252, ISO/IEC 24759File metadata
| Author | Scott Ehrlich |
|---|---|
| Creation date | D:20241103175350-05'00' |
| Modification date | D:20241103175428-05'00' |
| Pages | 45 |
| Creator | Acrobat PDFMaker 24 for Word |
| Producer | Adobe PDF Library 24.3.212 |
Heuristics ?
No heuristics are available for this certificate.
References ?
No references are available for this certificate.
Updates ?
-
12.11.2024 The certificate was first processed.
New certificate
A new FIPS 140 certificate with the product name was processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4873,
"dgst": "e11d515bfbb4c633",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"AES-GCMA2936",
"SHA2-256A3192",
"HMAC-SHA2-384A2936",
"HMAC-SHA2-224A2936",
"HMAC-SHA2-512A2936",
"KDF TLSA2936",
"AES-CBCA2936",
"Counter DRBGA2936",
"KDF SNMPA2936",
"RSA SigVer (FIPS186-4)A3192",
"HMAC-SHA2-256A2936",
"RSA KeyGen (FIPS186-4)A2936",
"SHA2-224A2936",
"SHA2-512A2936",
"Safe Primes Key GenerationA2936",
"AES-CTRA2936",
"Safe Primes Key VerificationA2936",
"HMAC-SHA-1A3192",
"SHA2-384A2936",
"PBKDFA2936",
"RSA SigGen (FIPS186-4)A2936",
"TLS v1.3 KDFA2936",
"SHA-1A3192",
"KDF SSHA2936",
"KAS-FFC-SSC Sp800-56Ar3A2936"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"4210",
"4216"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECDH": {
"ECDH": 3
}
},
"FF": {
"DH": {
"DH": 19,
"Diffie-Hellman": 2
}
},
"RSA": {
"RSA 2048": 1
}
},
"certification_process": {
"OutOfScope": {
"Dell PowerEdge R440 andS410Server) and out of scope of this validation": 1,
"and physical indicators are those of the host system (Dell PowerEdge R440 andS410Server) and out of scope of this validation. The hypervisor provides virtualized ports and interfaces for the module": 1,
"out of scope": 1
}
},
"cipher_mode": {
"CBC": {
"CBC": 9
},
"CTR": {
"CTR": 5
},
"GCM": {
"GCM": 7
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"SSH": {
"SSH": 71
},
"TLS": {
"SSL": {
"SSL": 1
},
"TLS": {
"TLS": 36,
"TLS 1.2": 5,
"TLS 1.3": 4,
"TLS v1.2": 3,
"TLS v1.3": 3
}
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 2
}
},
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"fips_cert_id": {
"Cert": {
"#1": 1
}
},
"fips_certlike": {
"Certlike": {
"AES 128, 192": 1,
"AES-128": 3,
"AES-192": 1,
"AES-256": 4,
"HMAC SHA2": 2,
"HMAC-SHA-1": 10,
"HMAC-SHA-112": 2,
"HMAC-SHA1": 2,
"PAA 2": 1,
"PKCS1": 4,
"PKCS7": 2,
"RSA 2048": 1,
"SHA-1": 8,
"SHA-16": 1,
"SHA-17": 1,
"SHA1": 1,
"SHA2": 2,
"SHA2- 384": 4,
"SHA2-224": 5,
"SHA2-256": 17,
"SHA2-384": 3,
"SHA2-512": 7,
"SHA3-256": 1
}
},
"fips_security_level": {
"Level": {
"Level 1": 5,
"level 1": 1
}
},
"hash_function": {
"MD": {
"MD5": {
"MD5": 2
}
},
"PBKDF": {
"PBKDF": 6
},
"SHA": {
"SHA1": {
"SHA-1": 8,
"SHA1": 1
},
"SHA2": {
"SHA2": 5
},
"SHA3": {
"SHA3-256": 1
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 18
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-3": 23,
"FIPS 180-4": 2,
"FIPS 186-4": 2,
"FIPS 197": 2,
"FIPS 198-1": 2
},
"ISO": {
"ISO/IEC 24759": 2
},
"NIST": {
"SP 800-90B": 2
},
"PKCS": {
"PKCS1": 2,
"PKCS7": 1
},
"RFC": {
"RFC4252": 1,
"RFC5288": 1,
"RFC8446": 3
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 10,
"AES-128": 3,
"AES-192": 1,
"AES-256": 4
},
"CAST": {
"CAST": 1
}
},
"constructions": {
"MAC": {
"HMAC": 7
}
}
},
"tee_name": {
"AMD": {
"PSP": 3
}
},
"tls_cipher_suite": {},
"vendor": {
"Broadcom": {
"Broadcom": 10,
"Broadcom Inc": 1
},
"Microsoft": {
"Microsoft": 4
}
},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Scott Ehrlich",
"/Comments": "",
"/Company": "",
"/CreationDate": "D:20241103175350-05\u002700\u0027",
"/Creator": "Acrobat PDFMaker 24 for Word",
"/Keywords": "",
"/ModDate": "D:20241103175428-05\u002700\u0027",
"/Producer": "Adobe PDF Library 24.3.212",
"/SourceModified": "D:20241103225328",
"/Subject": "",
"/Title": "",
"pdf_file_size_bytes": 867237,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=15411",
"https://techdocs.broadcom.com/us/en/symantec-security-software/web-and-network-security/edge-swg/7-4/getting-started.html",
"http://www.broadcom.com/",
"https://csrc.nist.gov/projects/cryptographic-module-validation-program",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=35802",
"mailto:[email protected]",
"https://techdocs.broadcom.com/us/en/symantec-security-software/web-and-network-security/proxysg/7-3/index.html",
"http://www.acumensecurity.net/",
"https://support.broadcom.com/security/download-center"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 45
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "852ea88501c8acbbd8be159a2c9c9a48dd5d6edc905a2ba3f95e504a055978dd",
"policy_txt_hash": "08d36c6af2eb2f048c3f4a3a096f913905564a6e87715f0d4c7b2546e16f1e21"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "Interim Validation. When operated in approved mode and when installed, initialized and configured as specified in Section 11.1.1 of the Security Policy. The protocols TLS v1.0 and v1.1 shall not be used when operated in approved mode.",
"certificate_pdf_url": null,
"date_sunset": "2026-11-10",
"description": "The Edge SWG appliances from Symantec provide companies the ability to deploy a scalable proxy-based security solution to protect their organization against advanced threats. The Edge SWG acts as gateway between web users and the Internet: a single point where all web traffic can be monitored and corporate policies for web use can be enforced.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Roles, services, and authentication: Level 2",
"Non-invasive security: N/A",
"Mitigation of other attacks: N/A",
"Documentation requirements: N/A",
"Cryptographic module security policy: N/A"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": "Intel Xeon Silver 4210, Intel Xeon Silver 4216",
"level": 1,
"mentioned_certs": {},
"module_name": "Edge SWG",
"module_type": "Software-Hybrid",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-3",
"status": "active",
"sw_versions": "7.4",
"tested_conf": [
"SGOS v7.4 with KVM v2.3 running on Symantec SSP-S410 with Intel Xeon Silver 4210 with PAA",
"SGOS v7.4 with VMware ESXi v6.5 running on Dell PowerEdge R440 with Intel Xeon Silver 4216 with PAA"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2024-11-11",
"lab": "ACUMEN SECURITY, LLC",
"validation_type": "Initial"
}
],
"vendor": "Symantec, A Division of Broadcom",
"vendor_url": "http://www.broadcom.com"
}
}