Module Name
Check Point IP Appliance
Historical Reason
RNG SP800-131A Revision 1 Transition
Caveat
When operated in FIPS mode and tamper evident seals installed as indicated in the Security Policy
Security Level Exceptions
- Design Assurance: Level 3
Embodiment
Multi-chip standalone
Description
The Check Point IP Applicances are full-featured enterprise systems designed for small to medium enterprises, with Service Provider flexibility and rapid serviceability option in a single rack space. When combined with Check Point VPN-1 these platforms provide reliable, easy to manage distributed security and access.
Approved Algorithms
| AES |
Certs. #497, #709, #769 and #342 |
| DSA |
Certs. #202 and #271 |
| HMAC |
Certs. #248, #384, #251, #385, #499, #421 and #146 |
| RNG |
Certs. #275, #417, #277 and #418 |
| RSA |
Certs. #211, #332, #213 and #333 |
| SHS |
Certs. #564, #734, #567, #735, #883, #775 and #417 |
| Triple-DES |
Certs. #507, #637, #510, #638, #729, #669 and #406 |
Other Algorithms
CAST; DES; HMAC MD5; MD5; Arcfour; Twofish; Blowfish; Diffie-Hellman (key agreement, key establishment methodology provides between 112 and 128 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Triple-DES (K3 mode; non-compliant)
Hardware Versions
IP290 (CPAP-IP295-D-GFIP [Nokia NBB0292000] and N431174001, CPAP-IP295-D-AC-DS [Nokia NBB0295000] and N431174001) and IP690 (CPAP-IP695-D-GFIP [Nokia NBB0692000], CPIP-A-4-1C and N431174001)
Firmware Versions
IPSO v4.2 with Check Point VPN-1 NGX R65 with hot fix HFA-30
