Module Name
Network Security Platform Sensor NS7150, NS7250 and NS7350
Historical Reason
SP 800-56Arev3 transition
Caveat
When operated with the tamper evident seals installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks.
Approved Algorithms
| AES |
Cert. #4801 |
| CKG |
vendor affirmed |
| CVL |
Certs. #1435 and #1436 |
| DRBG |
Cert. #1670 |
| HMAC |
Cert. #3208 |
| KTS |
AES Cert. #4801 and HMAC Cert. #3208, key wrapping; key establishment methodology provides 112 bits of encryption strength |
| RSA |
Certs. #2628 and #2629 |
| SHS |
Certs. #3945 and #3946 |
Allowed Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
Hardware Versions
P/Ns IPS-NS7150 Version 0.60, IPS-NS7250 Version 0.60 and IPS-NS7350 Version 0.60; FIPS Kit P/N IAC-FIPS-KT2
Firmware Versions
9.1.17.1
