U.S. flag   An official website of the United States government

Cryptographic Module Validation Program CMVP

Certificate #1877

Details

Module Name
PA-500, PA-2000 Series, PA-4000 Series, and PA-5000 Series Firewalls
Standard
FIPS 140-2
Status
Historical
 Historical Reason
RNG SP800-131A Revision 1 Transition
Validation Dates
01/30/2013;08/16/2013
Overall Level
2
Caveat
When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy
Security Level Exceptions
  • Cryptographic Module Specification: Level 3
  • Roles, Services, and Authentication: Level 3
  • Design Assurance: Level 3
Module Type
Hardware
Embodiment
Multi-chip standalone
Description
The Palo Alto Networks PA-500, PA-2000 Series, PA-4000 Series, and PA-5000 Series firewalls are multi-chip standalone modules that provide network security by enabling enterprises to see and control applications, users, and content using three unique idenification technologies: App-ID, User-ID, and Content-ID. These identification technologies enable enterprises to create business-relevant security policies - safely enabling organizations to adopt new applications.
FIPS Algorithms
AES Cert. #1987
HMAC Cert. #1201
RNG Cert. #1044
RSA Cert. #1031
SHS Cert. #1743
Other Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength); NDRNG; MD5; RC4; Camellia; RC2; SEED; DES
Hardware Versions
HW P/Ns 910‐000006‐00O Rev. O with FIPS Kit P/N 920‐000005‐00A Rev. A (PA‐500), 910‐000094‐00O Rev. O with FIPS Kit P/N 920‐000005‐00A (PA‐500‐2GB), 910‐000004‐00Z Rev. Z with FIPS Kit P/N 920‐000004‐00A Rev. A (PA‐2020), 910‐000003‐00Z Rev. Z with FIPS Kit P/N 920‐000004‐00A Rev. A (PA‐2050), 910‐000002‐00AB Rev. AB with FIPS Kit P/N 920‐000003‐00A Rev. A (PA‐4020), HW P/N 910‐000001‐00AB Rev. AB with FIPS Kit P/N 920‐000003‐00A Rev. A (PA‐4050), 910‐000005‐00S Rev. S with FIPS Kit P/N 920‐000003‐00A Rev. A (PA‐4060), 910‐000010‐00F Rev. F w/ FIPS Kit P/N 920‐000037‐00A Rev. A (PA‐5020), 910‐000009‐00F Rev. F w/ FIPS Kit P/N 920‐000037‐00A Rev. A (PA‐5050) and 910‐000008‐00F Rev. F w/ FIPS Kit P/N 920‐000037‐00A Rev. A (PA‐5060)
Firmware Versions
4.0.10 or 4.0.12‐h2

Vendor

Palo Alto Networks
3300 Olcott Street
Santa Clara, CA 95054
USA

Jake Bajic
jbajic@paloaltonetworks.com
Phone: 408-753-3901
Fax: 408-753-4001

Related Files

Lab

InfoGard
NVLAP Code: 100432-0