Module Name
FortiGate-5140 Chassis with FortiGate 5000 Series Blades
Historical Reason
RNG SP800-131A Revision 1 Transition
Caveat
When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
- Cryptographic Module Ports and Interfaces: Level 3
- Roles, Services, and Authentication: Level 3
- Design Assurance: Level 3
Embodiment
Multi-chip standalone
Description
The FortiGate product family spans the full range of network environments, from SOHO to service provider, offering cost effective systems for any size of application. FortiGate appliances detect and eliminate the most damaging, content-based threats from email and Web traffic such as viruses, worms, intrusions, inappropriate Web content and more in real time - without degrading network performance.
Approved Algorithms
AES |
Certs. #2276, #2277, #2278, #2607 and #2608 |
HMAC |
Certs. #1394, #1395, #1396, #1615 and #1616 |
RNG |
Cert. #1234 |
RSA |
Certs. #1168, #1169 and #1334 |
SHS |
Certs. #1957, #1958, #1959, #2191 and #2192 |
Triple-DES |
Certs. #1423, #1424, #1425, #1572 and #1573 |
Other Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 201 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); DES; MD5; HMAC-MD5; NDRNG
Hardware Versions
Chassis: C4GL51; Blades: P4CF76, P4CJ36-02, P4CJ36-04 and P4EV74; AMC Components: P4FC12 and AMC4F9; Shelf Manager: PN 21594 346; Alarm Panel: PN 21594 159; Air Filter: PN P10938-01; Front Filler Panel: PN P10945-01: ten; Rear Filler Panel: PN P10946-01: fourteen; Tamper Evident Seal Kit: FIPS-SEAL-RED
Firmware Versions
FortiOS 4.0, build3830, 131223