Cryptographic Module Validation Program CMVP

Certificate #2948

Details

Module Name
Juniper Networks SRX5400, SRX5600, and SRX5800 Services Gateways with Junos 15.1X49-D75
Standard
FIPS 140-2
Status
Active
Sunset Date
7/5/2022
Validation Dates
07/06/2017;07/28/2017
Overall Level
2
Caveat
When operated in FIPS mode and with tamper-evident seals installed as indicated in the Security Policy
Security Level Exceptions
  • Roles, Services, and Authentication: Level 3
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Hardware
Embodiment
Multi-Chip Stand Alone
Description
Juniper Networks® SRX5400, SRX5600, and SRX5800 Services Gateways are next-gen intelligent security platforms ideally suited for service provider, large enterprise, and public sector networks. Based on a revolutionary architecture offering superior protection, performance, scalability, services integration, and six nines of carrier-grade reliability the SRX5000 series are custom designed to deliver the highest level of protection incorporating advanced services such as application security, Unified Threat Management (UTM), Intrusion Prevention (IPS), and integrated threat intelligence.
Tested Configuration(s)
  • N/A
FIPS Algorithms
AES Certs. #4393, #4394 and #4395
CKG vendor affirmed
CVL Certs. #1095 and #1096
DRBG Certs. #1415 and #1423
DSA Certs. #1172 and #1173
ECDSA Certs. #1053 and #1054
HMAC Certs. #2919, #2920 and #2921
KTS AES Cert. #4393 and HMAC Cert. #2919; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS AES Cert. #4394 and HMAC Cert. #2920; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS Triple-DES Cert. #2368 and HMAC Cert. #2919; key establishment methodology provides 112 bits of encryption strength
KTS Triple-DES Cert. #2369 and HMAC Cert. #2920; key establishment methodology provides 112 bits of encryption strength
RSA Certs. #2377 and #2383
SHS Certs. #3621, #3622, #3623 and #3624
Triple-DES Certs. #2368, #2369 and #2370
Allowed Algorithms
Diffie-Hellman (CVL Certs. #1095 and #1096, key agreement; key establishment methodology provides 112 bits of encryption strength); EC Diffie-Hellman (CVL Certs. #1095 and #1096, key agreement; key establishment methodology provides 128 or 192 bit of encryption strength); NDRNG
Hardware Versions
SRX5400, SRX5600, SRX5800 with components identified in Security Policy Table 1 and JNPR-FIPS-TAMPER-LBLS
Firmware Versions
JUNOS-FIPS-MODE 15.1X49-D75

Vendor

Juniper Networks, Inc.
1133 Innovation Way
Sunnyvale, CA 94089
USA

Bill Shelton
bshelton@juniper.net
Phone: 408-745-2000
Vann (Vanna) Nguyen
vann@juniper.net
Phone: 408-745-2000

Lab

UL VERIFICATION SERVICES INC
NVLAP Code: 100432-0