Cryptographic Module Validation Program CMVP

Certificate #3058

Details

Module Name
Huawei USG 9520/9560/9580 Firewall
Standard
FIPS 140-2
Status
Historical
 Historical Reason
186-2 transition
Validation Dates
11/07/2017
Overall Level
2
Caveat
When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy
Security Level Exceptions
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Hardware
Embodiment
Multi-Chip Stand Alone
Description
The Huawei USG Firewalls ensure secure services for large data centers, cloud computing environments, and enterprise campus networks. Integrated switching, routing, and security enable smooth upgrades, easy virtualization, and terabit-level processing capability - all with carrier-grade reliability in a compact, space-saving form factor. NP + multi-core + distributed architecture integrates security, virtualization, and comprehensive service awareness with continuous database updates to optimize protection.
Tested Configuration(s)
  • N/A
FIPS Algorithms
AES Certs. #4450 and #4451
CKG vendor affirmed
CVL Certs. #1150, #1151, #1152 and #1153
DRBG Certs. #1441 and #1442
ECDSA Cert. #1084
HMAC Certs. #2953 and #2954
KTS AES Cert. #4451 and HMAC Cert. #2954; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS Triple-DES Cert. #2393 and HMAC Cert. #2954; key establishment methodology provides 112 bits of encryption strength
RSA Certs. #2431 and #2432
SHS Certs. #3663 and #3664
Triple-DES Certs. #2392 and #2393
Allowed Algorithms
Diffie-Hellman (CVL Certs. #1150 and #1152, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); EC Diffie-Hellman (CVL Certs. #1151 and #1153, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); MD5; NDRNG; RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength)
Hardware Versions
Base Models: USG9520 (P/N 02350FRU Rev D.2) [1], USG9560 (P/N 02350FRW Rev D.2) [2] and USG9580 (P/N 02350FRX Rev D.2) [3]; SPU/SPC cards: SPU-X3-B (P/N 03056640) [1, 2, 3], SPU-X3-B2 (P/N 03056989) [1, 2, 3], SPU-X8X16-B (P/N 03056638) [1, 2, 3], SPC-20-O-E8KE (P/N 03056636) [1, 2, 3], SPU-X3-20-O-E8KE (P/N 03056634) [1, 2, 3], SPU-X8X16-20-O-E8KE (P/N 03056635) [1, 2, 3], SPC-APPSEC-FW (P/N 03056688) [1, 2, 3], SPUA-20-O-H (P/N 03057426) [1, 2, 3], SPUA-20-O-M (P/N 03057427) [1, 2, 3], SPCA-20-O-H&M (P/N 03057429) [1, 2, 3], SPUB-20-O-H (P/N 03057520) [1, 2, 3], SPUB-20-O-M (P/N 03057518) [1, 2, 3], SPCB-20-O-H&M (P/N 03057522) [1, 2, 3]; External Baffle: 99089JEB, Version A.2 [1, 3]; Tamper Seal 4057-113016, Version A.3 [1, 2, 3]
Firmware Versions
V500R001C50

Vendor

Huawei Technologies Co., Ltd.
101 Software Avenue
Yuhuatai District
NANJING, JIANGSU 210000
CHINA

Yang Ze (Allen)
yangze1@huawei.com
Phone: +86 15919432118
Baiwen Xin
baiwenxin@huawei.com
Phone: +86 18969126628

Lab

UL VERIFICATION SERVICES INC
NVLAP Code: 100432-0