U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #3034


Module Name
Blue Coat ProxySG S400-20 [1], S400-30 [2], S400-40 [3], S500-10 [4], S500-20 [5] and S500-30 [6]
FIPS 140-2
 Historical Reason
SP 800-56Arev3 transition
Overall Level
When operated in FIPS mode with the tamper evident seals and the opacity baffles installed as indicated in the Security Policy
Security Level Exceptions
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Multi-Chip Stand Alone
The Blue Coat ProxySG physical and virtual appliances are the core of Symantec’s Unified Security and Optimization solutions for business assurance. The appliances offer complete security and control of web traffic, providing rich policy constructs for threat protection, SSL traffic, authentication, filtering, data loss prevention and logging. ProxySG identifies malicious payloads and then filters, strips, blocks or replaces web content to mitigate risks and prevent data loss. The appliances also optimize web and internal application traffic for data, video, cloud and web applications.
Tested Configuration(s)
  • N/A
Approved Algorithms
AES Cert. #4552
CKG vendor affirmed
CVL Certs. #1231, #1233 and #1237
DRBG Cert. #1502
HMAC Certs. #3005 and #3006
KTS AES Cert. #4552; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS Triple-DES Cert. #2423; key establishment methodology provides 112 bits of encryption strength
RSA Certs. #2478 and #2479
SHS Certs. #3729 and #3730
Triple-DES Cert. #2423
Allowed Algorithms
Diffie-Hellman (CVL Cert. #1231 with CVL Certs. #1233 and #1237, key agreement; key establishment methodology provides 112 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1231 with CVL Certs. #1233 and #1237, key agreement; key establishment methodology provides 192 bits of encryption strength); MD5; NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength)
Hardware Versions
090-03075 [1], 090-03076 [1], 090-03079 [2], 090-03080 [2], 090-03083 [3], 090-03084 [3], 090-02998 [4], 090-02999 [4], 090-03000 [5], 090-03001 [5], 090-03579 [6] and 090-03580 [6] with FIPS Kit: HW-KIT-FIPS-400 [1,2,3] and HW-KIT-FIPS-500 [4,5,6]
Firmware Versions
6.7.2 and 6.7.5


Symantec, A Division of Broadcom
1320 Ridder Park Dr.
San Jose, CA 95131

Diana Robinson
Phone: 845.454.6397

Validation History

Date Type Lab
10/2/2017 Initial ACUMEN SECURITY, LLC
1/7/2022 Update ACUMEN SECURITY, LLC