Cryptographic Module Validation Program CMVP

Certificate #2800

Details

Module Name
Palo Alto Networks VM-Series
Standard
FIPS 140-2
Status
Active
Sunset Date
11/29/2021
Validation Dates
11/30/2016;01/11/2018;02/13/2018;02/21/2020
Overall Level
1
Caveat
When operated in FIPS mode
Security Level Exceptions
  • Roles, Services, and Authentication: Level 3
  • Physical Security: N/A
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The VM-Series allows you to protect your applications and data from cyber threats with our next-generation firewall security and advanced threat prevention features.
Tested Configuration(s)
  • CentOS 6.5 - KVM running on a Dell Power Edge R620
  • Citrix XenServer 6.1.0 running on a Citrix NetScaler SDX 11500 (single-user mode)
  • VMware ESXi 5.5 running on a Dell PowerEdge R730
FIPS Algorithms
AES Cert. #4019
CVL Certs. #843, #844, #845 and #846
DRBG Cert. #1197
ECDSA Cert. #895
HMAC Cert. #2621
KAS SP 800-56Arev2 with CVL Certs. #843 and #844, vendor affirmed
KTS AES Cert. #4019; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS AES Cert. #4019 and HMAC Cert. #2621; key establishment methodology provides between 128 and 256 bits of encryption strength
RSA Cert. #2062
SHS Cert. #3315
Other Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength); MD5; NDRNG; RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength)
Software Versions
7.1.3

Vendor

Palo Alto Networks
3000 Tannery Way
Santa Clara, CA 95054
USA

Jake Bajic
certifications@paloaltonetworks.com
Phone: 408-753-4000

Lab

InfoGard Laboratories, Inc.
NVLAP Code: 100432-0