Module Name
Juniper Networks SRX4600 Services Gateway
Historical Reason
SP 800-56Arev3 transition
Caveat
When operated in FIPS mode and with tamper evident seals installed as indicated in the Security Policy
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The SRX4600 is a high-performance, next-generation firewall supporting cloud-enabled enterprise data center, campus or service provider networks. It offers high-scale security services while providing scalability, ease of management, secure connectivity, and advanced threat mitigation capabilities.
Approved Algorithms
| AES |
Certs. #5454, #5455 and #5483 |
| CVL |
Certs. #1902 and #1903 |
| DRBG |
Certs. #2136, 2138 and #2139 |
| ECDSA |
Certs. #1455 and #1456 |
| HMAC |
Certs. #3609, #3610, #3612, #3613 and #3637 |
| KTS |
AES Certs. #5454 and #5455 and HMAC Certs. #3612 and #3613; key establishment methodology provides between 128 and 256 bits of encryption strength |
| KTS |
Triple-DES Certs. #2742 and #2743 and HMAC Certs. #3612 and #3613; key establishment methodology provides 112 bits of encryption strength |
| RSA |
Certs. #2928 and #2929 |
| SHS |
Certs. #4371, #4372, #4374, #4376 and #4400 |
| Triple-DES |
Certs. #2742, #2743 and #2760 |
Allowed Algorithms
Diffie-Hellman (CVL Cert. #1903, key agreement; key establishment methodology provides 112 bits of encryption strength); EC Diffie-Hellman (CVL Certs. #1902 and #1903, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG
Hardware Versions
SRX4600-AC and SRX4600-DC with Tamper Seals JNPR-FIPS-TAMPER-LBLS
Firmware Versions
Junos OS 18.1R1
