Module Name
NetScreen-ISG 1000 and NetScreen-ISG 2000
Historical Reason
RNG SP800-131A Revision 1 Transition
Caveat
When operated in FIPS mode
Security Level Exceptions
- Cryptographic Module Specification: Level 3
- Cryptographic Module Ports and Interfaces: Level 3
- Roles, Services, and Authentication: Level 3
- Cryptographic Key Management: Level 3
- Design Assurance: Level 3
Embodiment
Multi-chip standalone
Description
The Juniper Networks ISG 1000 and ISG 2000 are fully integrated firewall/VPN systems that provide multi-gigabit performance, modular architecture and rich virtualization capabilities. They provide an ideal solution for large enterprise, data center, and service provider networks. The ISG Series firewall/VPN-based systems deliver security features such as Intrusion Prevention System (IPS), anti-spam, Web filtering, and Internet Content Adaptation Protocol (ICAP) antivirus redirection support.
Approved Algorithms
| AES |
Cert. #864 |
| DSA |
Cert. #312 |
| ECDSA |
Cert. #101 |
| HMAC |
Cert. #480 |
| RNG |
Cert. #494 |
| RSA |
Cert. #415 |
| SHS |
Cert. #858 |
| Triple-DES |
Cert. #709 |
Other Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); DES; MD5
Hardware Versions
P/Ns NS-ISG-1000 (NetScreen-ISG 1000) and NS-ISG-2000 (NetScreen-ISG 2000)
Firmware Versions
ScreenOS 6.2.0r3a
