U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #3751

Details

Module Name
WatchGuard Firebox T15[1], T15-W[2], T35[3], T35-W[4], T55[5], T55-W[6], T70[7]
Standard
FIPS 140-2
Status
Active
Sunset Date
11/30/2025
Validation Dates
12/01/2020
Overall Level
2
Caveat
When operated in FIPS mode and with the tamper-evident seals installed as indicated in the Security Policy
Module Type
Hardware
Embodiment
Multi-Chip Stand Alone
Description
WatchGuard® Firebox appliances are built for enterprise-grade performance with blazing throughput and numerous connectivity options. Advanced networking features include clustering, high availability (active/active), VLAN support, multi-WAN load balancing and enhanced VoIP security, plus inbound and outbound HTTPS inspection, to give the strong security enterprises need. And the FIREBOX appliances are completely configurable - turn on or off components and services to fit different network security deployment requirements.
Tested Configuration(s)
  • N/A
FIPS Algorithms
AES Certs. #5909, #5910, #5911, #5912, #5924 and #5925
CKG Vendor Affirmed
CVL Certs. #2140, #2141, #2142 and #2143
DRBG Certs. #2471, #2472, #2473 and #2474
HMAC Certs. #3891, #3892, #3893, #3894, #3904 and #3905
RSA Certs. #3098, #3099, #3100 and #3101
SHS Certs. #4667, #4668, #4669, #4670, #4680 and #4681
Triple-DES Certs. #2871, #2872, #2873, #2874, #2883 and #2884
Allowed Algorithms
Diffie-Hellman (CVL Certs. #2140, #2141, #2142 and #2143, key agreement; key establishment methodology provides 112 or 128 bits of encryption strength); EC Diffie-Hellman (CVL Certs. #2140, #2141, #2142 and #2143, key agreement; key establishment methodology provides 128 or 192 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
Hardware Versions
MS1AE3 [1]; MS1AE3W [2]; MS3AE5 [3]; MS3AE5W [4]; MS5AE5 [5]; MS5AE5W [6]; WS7AE8 [7]; FIPS Kit P/N: WG8566
Firmware Versions
Fireware OS v12.3.1

Vendor

WatchGuard Technologies, Inc.
505 Fifth Avenue South, Suite 500
Seattle, WA 98104
USA

Peter Eng
Peter.Eng@watchguard.com
Phone: 206-613-6600

Lab

EWA CANADA
NVLAP Code: 200556-0