Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Module Validation Program

Certificate #3347

Details

Module Name
Certes Enforcement Points
Standard
FIPS 140-2
Status
Active
Sunset Date
1/1/2024
Validation Dates
1/2/2019
Overall Level
1
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
  • Mitigation of Other Attacks: N/A
Module Type
Hardware
Embodiment
Multi-Chip Stand Alone
Description
The Certes Encryptors, or Certes Enforcement Points (CEP), are purpose-built encryption appliances that provide multi-layer data protection and application segmentation. CEP appliances provide Ethernet frame encryption for Layer 2 networks, IPsec encryption for Layer 3 networks, and data payload encryption for Layer 4 MPLS networks. CEPs operate transparently to the network infrastructure, which ensures all data is encrypted without impacting network performance.
Tested Configuration(s)
  • N/A
FIPS Algorithms
AES Cert. #5338
CKG vendor affirmed
CVL Certs. #1800, #1827, #1828, and #1829
DRBG Cert. #2061
ECDSA Cert. #1402
HMAC Cert. #3535
KBKDF Cert. #193
SHS Cert. #4289
Allowed Algorithms
EC Diffie-Hellman (CVL Cert. #1800, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG
Hardware Versions
CEP220, CEP250, CEP300, CEP420, CEP520
Firmware Versions
CEP v5.3

Vendor

Certes Networks, Inc.
300 Corporate Center Drive
Suite 140
Pittsburgh, PA 15108
USA

Sean Everson
sean.everson@certesnetworks.com
Phone: 412-357-1130
Fax: 412-262-2574
Gary Brunner
gary.brunner@certesnetworks.com
Phone: 412-200-2177
Fax: 412-262-2574

Lab

DXC Technology
NVLAP Code: 200996-0