Module Name
Forcepoint NGFW Cryptographic Library
Historical Reason
Moved to historical list due to sunsetting
Caveat
When operated in FIPS mode
Security Level Exceptions
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-chip standalone
Description
The Forcepoint NGFW Cryptographic Library is a software module that
provides cryptographic services required by the Forcepoint NGFW product.
Tested Configuration(s)
- Debian GNU/Linux 6.0-based distribution running on Forcepoint 1035 with AES-NI
- Debian GNU/Linux 6.0-based distribution running on Forcepoint 1065 with AES-NI
- Debian GNU/Linux 6.0-based distribution running on Forcepoint 1402 with AES-NI
- Debian GNU/Linux 6.0-based distribution running on Forcepoint 3202 with AES-NI
- Debian GNU/Linux 6.0-based distribution running on Forcepoint 3202 without AES-NI
- Debian GNU/Linux 6.0-based distribution running on Forcepoint 3206 with AES-NI
- Debian GNU/Linux 6.0-based distribution running on Forcepoint 3206 without AES-NI
- Debian GNU/Linux 6.0-based distribution running on Forcepoint 5206 with AES-NI
- Debian GNU/Linux 6.0-based distribution running on Forcepoint MIL-320
- Debian GNU/Linux 9.0-based distribution running on Forcepoint 325-C2 with AES-NI
- Debian GNU/Linux 9.0-based distribution running on Forecepoint 2105 with AES-NI
- Debian GNU/Linux 9.0-based distribution running on Forecepoint 3305 with AES-NI
- Debian GNU/Linux 9.0-based distribution running on Forecepoint 3305 without AES-NI
- Debian GNU/Linux 9.0-based distribution running on Forecepoint 6205 with AES-NI (single-user mode)
Approved Algorithms
AES |
Certs. #2948, #2949, #2950, #2951, #2952, #2953, #2954, #2955, #4591, #4592, #4593 and #4716 |
CVL |
Certs. #344, #345, #346, #347, #348, #349, #350, #351, #352, #353, #354, #355, #1260, #1261 and #1262 |
DRBG |
Certs. #549, #550, #551, #552, #553, #554, #555, #556, #1532, #1533, #1534 and #1605 |
DSA |
Certs. #878, #879, #880, #881, #882, #883, #1217, #1218 and #1219 |
ECDSA |
Certs. #537, #538, #539, #540, #541, #542, #1124, #1125 and #1126 |
HMAC |
Certs. #1869, #1870, #1871, #1872, #1873, #1874, #3039, #3040 and #3041 |
RSA |
Certs. #1549, #1550, #1551, #1552, #1553, #1554, #2502, #2503 and #2504 |
SHS |
Certs. #2482, #2483, #2484, #2485, #2486, #2487,#3765, #3766 and #3767 |
Triple-DES |
Certs. #1752, #1753, #1754, #1755, #1756, #1757, #2443, #2444 and #2445 |
Other Algorithms
Diffie-Hellman (CVL Certs. #344, #346, #348, #350, #352, #354, #1260, #1261 and #1262, key agreement; key establishment methodology provides 112 bits of encryption strength); EC Diffie-Hellman (CVL Certs. #344, #345, #346, #347, #348, #349, #350, #351, #352, #353, #354, #355, #1260, #1261 and #1262, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength)