Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Module Validation Program

Certificate #3149

Details

Module Name
Network Security Platform Sensor NS-3100, NS-3200, NS-5100 and NS-5200
Standard
FIPS 140-2
Status
Active
Sunset Date
3/11/2023
Validation Dates
3/12/2018
Overall Level
2
Caveat
When operated in FIPS mode and configured per Security Policy Sections 8 and 9 and with the tamper evident seals installed as indicated in the Security Policy. The protocol SNMP shall not be used when operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.
Security Level Exceptions
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Hardware
Embodiment
Multi-Chip Stand Alone
Description
Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks.
Tested Configuration(s)
  • N/A
FIPS Algorithms
AES Cert. #4619
CKG vendor affirmed
CVL Certs. #1273 and #1274
DRBG Cert. #1548
HMAC Cert. #3055
KTS AES Cert. #4619 and HMAC Cert. #3055, key wrapping; key establishment methodology provides 112 bits of encryption strength
RSA Certs. #2514 and #2525
SHS Certs. #3783 and #3791
Allowed Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
Hardware Versions
P/Ns IPS-NS3100 Version 1.00, IPS-NS3200 Version 1.00, IPS-NS5100 Version 1.00 and IPS-NS5200 Version 1.00; FIPS Kit P/N IAC-FIPS-KT2
Firmware Versions
8.1.17.32

Vendor

McAfee LLC
2821 Mission College Blvd.
Santa Clara, CA 95054
USA

Mark Hanson
Mark_Hanson@McAfee.com
Phone: 972-963-7326

Lab

UL VERIFICATION SERVICES INC
NVLAP Code: 100432-0