Cryptographic Module Validation Program CMVP

Certificate #3101

Details

Module Name
Juniper Networks SRX300, SRX340, and SRX345 Services Gateways
Standard
FIPS 140-2
Status
Active
Sunset Date
1/1/2023
Validation Dates
01/02/2018
Overall Level
2
Caveat
When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy
Security Level Exceptions
  • Roles, Services, and Authentication: Level 3
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Hardware
Embodiment
Multi-Chip Stand Alone
Description
The Juniper Networks® SRX300 line of services gateways delivers a next-generation security and networking solution that supports the changing needs of cloud-enabled enterprise networks. By consolidating security, switching and routing in a single device, enterprises can protect against advanced security threats, overcome network complexity and improve application performance while reducing total cost of ownership. Customers can further enable secure SD-WAN capabilities that reduce band-width costs, simplify management and automate their WAN infrastructure.
Tested Configuration(s)
  • N/A
FIPS Algorithms
AES Certs. #4345, #4347, #4348 and #4362
CKG vendor affirmed
CVL Certs. #1051 and #1071
DRBG Cert. #1398
ECDSA Certs. #1038, #1040 and #1041
HMAC Certs. #2885, #2887, #2888 and #2902
KTS AES Cert. #4345 and HMAC Cert. #2885; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS AES Cert. #4362 and HMAC Cert. #2902; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS Triple-DES Cert. #2349 and HMAC Cert. #2885; key establishment methodology provides 112 bits of encryption strength
KTS Triple-DES Cert. #2358 and HMAC Cert. #2902; key establishment methodology provides 112 bits of encryption strength
RSA Certs. #2358, #2360 and #2361
SHS Certs. #3582, #3584, #3585, #3586 and #3600
Triple-DES Certs. #2349, #2351, #2352 and #2358
Allowed Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides 128 or 192 bits of encryption strength); NDRNG
Hardware Versions
SRX300, SRX340, and SRX345 with JNPR-FIPS-TAMPER-LBLS (P/N 520-052564)
Firmware Versions
JUNOS 15.1X49-D60

Vendor

Juniper Networks, Inc.
1133 Innovation Way
Sunnyvale, CA 94089
USA

Vann (Vanna) Nguyen
vann@juniper.net
Phone: 408-745-2000
Bill Shelton
bshelton@juniper.net
Phone: 408-745-2000

Lab

UL VERIFICATION SERVICES INC
NVLAP Code: 100432-0