Module Name
Juniper Networks vSRX Virtual Firewall
Historical Reason
SP 800-56Arev3 transition
Caveat
When operated in FIPS mode
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Physical Security: N/A
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The vSRX delivers a complete and integrated virtual security solution, including unified threat management(UTM), intrusion detection and prevention (IDP), granular application control and robust networking. It provides seamless automated life cycle management capabilities making it an ideal solution for Service Providers, Cloud and Enterprise deployments. The vSRX supports Juniper Networks Contrail, OpenContrail, Openstack and other third-party solutions.
Tested Configuration(s)
- JUNOS 15.1X49-D100 on VMWare ESXi 5.5 on a Server HP ProLiant DL380 Gen9 (single-user mode)
Approved Algorithms
| AES |
Certs. #4719, #4720 and #4723 |
| CKG |
vendor affirmed |
| CVL |
Certs. #1362 and #1391 |
| DRBG |
Certs. #1608 and #1609 |
| ECDSA |
Certs. #1166 and #1167 |
| HMAC |
Certs. #3136, #3137 and #3140 |
| KTS |
AES Certs. #4719 and #4720 and HMAC Certs. #3136 and #3137; key establishment methodology provides between 128 and 256 bits of encryption strength |
| KTS |
Triple-DES Certs. #2501 and #2502 and HMAC Certs. #3136 and #3137; key establishment methodology provides 112 bits of encryption strength |
| RSA |
Certs. #2572 and #2573 |
| SHS |
Certs. #3864, #3865, #3868 and #3895 |
| Triple-DES |
Certs. #2501, #2502 and #2505 |
Allowed Algorithms
Diffie-Hellman (CVL Certs. #1362 and #1391, key agreement; key establishment methodology provides between 112 bits of encryption strength); EC Diffie-Hellman (CVL Certs. #1362 and #1391, key agreement; key establishment methodology provides 128 or 192 bits of encryption strength); NDRNG
Software Versions
JUNOS 15.1X49 - D100
