Module Name
Huawei USG 9520/9560/9580 Firewall
Historical Reason
186-2 transition
Caveat
When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy
Security Level Exceptions
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The Huawei USG Firewalls ensure secure services for large data centers, cloud computing environments, and enterprise campus networks. Integrated switching, routing, and security enable smooth upgrades, easy virtualization, and terabit-level processing capability - all with carrier-grade reliability in a compact, space-saving form factor. NP + multi-core + distributed architecture integrates security, virtualization, and comprehensive service awareness with continuous database updates to optimize protection.
Approved Algorithms
AES |
Certs. #4450 and #4451 |
CKG |
vendor affirmed |
CVL |
Certs. #1150, #1151, #1152 and #1153 |
DRBG |
Certs. #1441 and #1442 |
ECDSA |
Cert. #1084 |
HMAC |
Certs. #2953 and #2954 |
KTS |
AES Cert. #4451 and HMAC Cert. #2954; key establishment methodology provides between 128 and 256 bits of encryption strength |
KTS |
Triple-DES Cert. #2393 and HMAC Cert. #2954; key establishment methodology provides 112 bits of encryption strength |
RSA |
Certs. #2431 and #2432 |
SHS |
Certs. #3663 and #3664 |
Triple-DES |
Certs. #2392 and #2393 |
Allowed Algorithms
Diffie-Hellman (CVL Certs. #1150 and #1152, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); EC Diffie-Hellman (CVL Certs. #1151 and #1153, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); MD5; NDRNG; RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength)
Hardware Versions
Base Models: USG9520 (P/N 02350FRU Rev D.2) [1], USG9560 (P/N 02350FRW Rev D.2) [2] and USG9580 (P/N 02350FRX Rev D.2) [3]; SPU/SPC cards: SPU-X3-B (P/N 03056640) [1, 2, 3], SPU-X3-B2 (P/N 03056989) [1, 2, 3], SPU-X8X16-B (P/N 03056638) [1, 2, 3], SPC-20-O-E8KE (P/N 03056636) [1, 2, 3], SPU-X3-20-O-E8KE (P/N 03056634) [1, 2, 3], SPU-X8X16-20-O-E8KE (P/N 03056635) [1, 2, 3], SPC-APPSEC-FW (P/N 03056688) [1, 2, 3], SPUA-20-O-H (P/N 03057426) [1, 2, 3], SPUA-20-O-M (P/N 03057427) [1, 2, 3], SPCA-20-O-H&M (P/N 03057429) [1, 2, 3], SPUB-20-O-H (P/N 03057520) [1, 2, 3], SPUB-20-O-M (P/N 03057518) [1, 2, 3], SPCB-20-O-H&M (P/N 03057522) [1, 2, 3]; External Baffle: 99089JEB, Version A.2 [1, 3]; Tamper Seal 4057-113016, Version A.3 [1, 2, 3]
Firmware Versions
V500R001C50