Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #3317

Details

Module Name
Forcepoint Next Generation Firewall
Standard
FIPS 140-2
Status
Historical
 Historical Reason
SP 800-56Arev3 transition
Overall Level
2
Caveat
When configured as specified in the section 3 Secure Operation of the Security Policy with tamper evident labels SKU ACFIPS3 Forcepoint NGFW FIPS Kit installed as indicated in the Security Policy.
Security Level Exceptions
  • Mitigation of Other Attacks: N/A
Module Type
Hardware
Embodiment
Multi-Chip Stand Alone
Description
Forcepoint NGFW is a next generation firewall that blocks malicious attacks and prevents the theft of data and intellectual property while transforming infrastructure and increasing the efficiency of your operations. With Forcepoint NGFW, painlessly handle the rapid shift to encrypted transmissions for both incoming and outgoing traffic.
Tested Configuration(s)
  • N/A
Approved Algorithms
AES Certs. #5168, #5511, #5512, #5513, #5514, #5515 and #5516
CKG vendor affirmed
CVL Certs. #1676, #1957, #1958, #1959, #1960, #1961 and #1962
DRBG Certs. #1946, #2179, #2180 and #2181
ECDSA Certs. #1339, #1480, #1481 and #1482
HMAC Certs. #3429, #3667, #3668, #3669, #3670, #3671 and #3672
KBKDF Certs. #230, #231 and #232
KTS AES Certs. #5511, #5512 and #5513
KTS AES Certs. #5168, #5514, #5515 and #5516; key establishment methodology provides 128 or 256 bits of encryption strength
KTS AES Certs. #5168, #5511, #5512, #5513, #5514 and #5516 and HMAC Certs. #3429, #3667, #3668, #3669, #3670, #3671 and #3672; key establishment methodology provides 128 or 256 bits of encryption strength
KTS Triple-DES Certs. #2632, #2774, #2775, #2776, #2777, #2778, #2779 and HMAC Certs. #3429, #3667, #3668, #3669, #3670, #3671 and #3672; key establishment methodology provides 112 bits of encryption strength
PBKDF vendor affirmed
RSA Certs. #2777, #2957, #2958 and #2959
SHS Certs. #4175, #4422, #4423, #4424, #4425, #4426 and #4427
Triple-DES Certs. #2632, #2774, #2775, #2776, #2777, #2778 and #2779
Allowed Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength); EC Diffie-Hellman (CVL Certs. #1676, #1957, #1959 and #1961 with CVL Certs. #1958, #1960 and #1962, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength)
Hardware Versions
1101, 2101, 2105, 3305, and 6205
Firmware Versions
6.4.1.20056.fips.8

Vendor

Forcepoint
10900-A Stonelake Blvd.
Quarry Oaks 1
Ste. 350
Austin, TX 78759
USA

Klaus Majewski
legal@forcepoint.com
Phone: 858-320-8000
Jorma Levomaki
legal@forcepoint.com
Phone: 858-320-8000

Validation History

Date Type Lab
11/1/2018 Initial ATSEC INFORMATION SECURITY CORP