U.S. flag   An official website of the United States government

Cryptographic Module Validation Program CMVP

Certificate #1866

Details

Module Name
FortiGate-3950B/3951B
Standard
FIPS 140-2
Status
Historical
 Historical Reason
RNG SP800-131A Revision 1 Transition
Validation Dates
12/19/2012
Overall Level
2
Caveat
When operated in FIPS mode and tamper evident seals installed as indicated in the Security Policy
Security Level Exceptions
  • Cryptographic Module Ports and Interfaces: Level 3
  • Roles, Services, and Authentication: Level 3
  • Design Assurance: Level 3
Module Type
Hardware
Embodiment
Multi-chip standalone
Description
FortiGate Multi-Threat Security Solutions are dedicated, hardware-based devices that deliver complete content protection against blended threats at the network perimeter or within the internal network.
FIPS Algorithms
AES Certs. #1856, #1857 and #1858
HMAC Certs. #1103, #1104 and #1105
RNG Cert. #974
RSA Cert. #939
SHS Certs. #1633, #1634 and #1635
Triple-DES Certs. #1203, #1204 and #1205
Other Algorithms
MD5; HMAC-MD5; Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 201 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); SHA-256 (non-compliant); HMAC-SHA-256 (non-compliant); DES
Hardware Versions
FortiGate-3950B (C4DE23) and FortiGate-3951B [(C4EL37) and FSM-064 (PE4F79)] with Blank Face Plate (P06698-02) and Tamper Evident Seal: FIPS-SEAL-RED
Firmware Versions
FortiOS 4.0, build8892, 111128

Vendor

Fortinet, Inc.
326 Moodie Drive
Ottawa, Ontario K2H 8G3
Canada

Alan Kaye
Phone: 613-225-9381

Lab

EWA
NVLAP Code: 200556-0