Module Name
FortiProxy-400E/2000E/4000E
Historical Reason
SP 800-56Arev3 transition
Caveat
When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy.
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Design Assurance: Level 3
Embodiment
Multi-Chip Stand Alone
Description
FortiProxy is a secure web/application proxy that protects users against internet-borne attacks by incorporating multiple detection techniques such as web filtering, DNS filtering, data loss prevention, antivirus, intrusion prevention and advanced threat protection. It helps enterprises enforce internet compliance using granular application control.
Approved Algorithms
| AES |
Certs. #C655, #C702, #C703, #C787, #C806, #C813 and #C832 |
| CVL |
Certs. #C702, #C703, #C806, #C813 and #C832 |
| DRBG |
Certs. #C658 and #C799 |
| ECDSA |
Certs. #C702, #C703, #C806, #C813 and #C832 |
| HMAC |
Certs. #C702, #C703, #C806, #C813 and #C832 |
| KTS |
AES Certs. #C655 and #C787 and HMAC Certs. #C702 and #C806; key establishment methodology provides 128 or 256 bits of encryption strength |
| KTS |
AES Certs. #C702 and #C806; key establishment methodology provides 128 or 256 bits of encryption strength |
| RSA |
Certs. #C702, #C806 and #C813 |
| SHS |
Certs. #C702, #C703, #C806, #C813 and #C832 |
Allowed Algorithms
Diffie-Hellman (CVL Certs. #C702, #C703, #C806 and #C832, key agreement; key establishment methodology provides between 112 and 196 bits of encryption strength); EC Diffie-Hellman (CVL Certs. #C702 and #C806, key agreement; key establishment methodology provides 128 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
Hardware Versions
C1AG57, C1AD93 and C1AG58 with Tamper Evident Seal Kit: FIPS-SEAL-RED
Firmware Versions
FortiProxy 1.0, b0066, 190423
