Module Name
FireEye NX Series: NX1500, NX2500, NX2550, NX3500, NX4500, NX5500, NX6500
Caveat
When operated in FIPS mode and installed, initialized and configured as specified in Section 3 of the Security Policy
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The FireEye Network Threat Prevention Platform identifies and blocks zero-day Web exploits, droppers (binaries), and multi-protocol callbacks to help organizations scale their advanced threat defenses across a range of deployments, from the multi-gigabit headquarters down to remote, branch, and mobile offices. FireEye Network with Intrusion Prevention System (IPS) technology further optimizes spend, substantially reduces false positives, and enables compliance while driving security across known and unknown threats.
Approved Algorithms
AES |
Cert. #C1720 |
CKG |
vendor affirmed |
CVL |
Cert. #C1720 |
DRBG |
Certs. #C1720 and #C1934 |
DSA |
Cert. #C1720 |
ECDSA |
Cert. #C1720 |
HMAC |
Certs. #C1720 and #C1934 |
KAS-SSC |
vendor affirmed |
KTS |
AES Cert. #C1720 and HMAC Cert. #C1720; key establishment methodology provides 128 or 256 bits of encryption strength |
KTS |
Triple-DES Cert. #C1720 and HMAC Cert. #C1720; key establishment methodology provides 112 bits of encryption strength |
RSA |
Cert. #C1720 |
SHS |
Certs. #C1720 and #C1934 |
Triple-DES |
Cert. #C1720 |
Allowed Algorithms
NDRNG; RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength)
Hardware Versions
NX1500, NX2500, NX2550, NX3500, NX4500, NX5500, NX6500