U.S. flag   An official website of the United States government

Cryptographic Module Validation Program CMVP

Certificate #1706

Details

Module Name
FortiMailâ„¢ OS
Standard
FIPS 140-2
Status
Historical
 Historical Reason
RNG SP800-131A Revision 1 Transition
Validation Dates
04/12/2012
Overall Level
1
Caveat
When operated in FIPS mode
Security Level Exceptions
  • Cryptographic Module Ports and Interfaces: Level 3
  • Roles, Services, and Authentication: Level 3
  • Design Assurance: Level 3
  • Tested: FortiMail-3000C
Module Type
Firmware
Embodiment
Multi-chip standalone
Description
FortiMail OS is a firmware based operating system that runs exclusively on Fortinet’s FortiMail product family (PC-based, purpose built appliances). FortiMail offers both inbound and outbound scanning, advanced antispam and antivirus filtering capabilities, IP address black/white listing functionality, and extensive quarantine and archiving capabilities.
FIPS Algorithms
AES Cert. #1604
HMAC Cert. #940
RNG Cert. #860
RSA Cert. #786
SHS Cert. #1417
Triple-DES Cert. #1049
Other Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 196 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); DES; MD5; HMAC-MD5; SHA-256 (non-compliant); HMAC-SHA-256 (non-compliant)
Firmware Versions
FortiMail 4.0, build0369, 110615

Vendor

Fortinet, Inc.
326 Moodie Drive
Ottawa, Ontario K2H 8G3
Canada

Alan Kaye
akaye@fortinet.com
Phone: 613-225-9381

Lab

CSC
NVLAP Code: 200426-0