Module Name
Network Security Platform Sensor NS-7100, NS-7200 and NS-7300
Historical Reason
Moved to historical list in accordance with SP800-131A Revision 1 Transition (AES/TDES key wrapping)
Caveat
When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy. The protocol SNMP shall not be used when operated in FIPS mode.
Security Level Exceptions
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
Network Security Platform products (formerly known as IntruShield) are Intrusion Prevention Systems (IPS) that protect network infrastructures and endpoints from intrusions such as zero-day, DoS, spyware, VoIP, botnet, malware, phishing, and encrypted attacks with highly accurate, enterprise-class risk-aware intrusion prevention. The Network Security Management system manages the sensor deployments and permits the customer to receive real-time network status updates and alerts, implement customized security policies and incident response plans, and perform forensic analysis of attacks.
Other Algorithms
AES (Cert. #3156, key wrapping; key establishment methodology provides 128 bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength); HMAC-SHA-1-96 (HMAC Cert. #1989); NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength); AES (non-compliant); DES; HMAC (non-compliant); MD5; RC4; RSA (non-compliant); SHS (non-compliant); SNMP KDF (non-compliant); Triple-DES (non-compliant)
Hardware Versions
P/Ns IPS-NS7100 Version 1.10, IPS-NS7200 Version 1.10 and IPS-NS7300 Version 1.10; FIPS Kit P/N IAC-FIPS-KT2
Firmware Versions
8.1.17.16