Module Name
Check Point IP Appliance
Historical Reason
RNG SP800-131A Revision 1 Transition
Caveat
When operated in FIPS mode and tamper evident seals installed as indicated in the Security Policy
Security Level Exceptions
- Design Assurance: Level 3
Embodiment
Multi-chip standalone
Description
The Nokia VPN Applicances are full-featured enterprise systems designed for small to medium enterprises, with Service Provider flexibility and rapid serviceability option in a single rack space. When combined with Check Point VPN-1 these platforms provide reliable, easy to manage distributed security and access.
Approved Algorithms
AES |
Certs. #397, #342, #442 and #497 |
DSA |
Certs. #202 and #204 |
HMAC |
Certs. #248, #251, #207, #208, #176, #146 and #499 |
RNG |
Certs. #275, #277, #229 and #230 |
RSA |
Certs. #211, #213, #215 and #167 |
SHS |
Certs. #564, #567, #508, #509, #469, #417 and #883 |
Triple-DES |
Certs. #507, #510, #465, #466, #435, #406 and #729 |
Other Algorithms
CAST; DES (Cert. #314); HMAC MD5; MD5; Arcfour; Twofish; Blowfish; Diffie-Hellman (key agreement; key establishment methodology provides between 112 bits and 128 bits of encryption strength; non-compliant less than112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Triple-DES (K3 mode; non-compliant)
Hardware Versions
IP390 (CPAP-IP395-D-GFIP [Nokia NBB0302000] and N431174001) and IP560 (CPAP-IP565-D-AC [Nokia NBB0562000] and CPIP-A-4-1C, CPIP-A-PCMCIA-CA, N431174001)
Firmware Versions
IPSO v4.2 with Check Point VPN-1 NGX R65 with hot fix HFA-30