U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

    Projects Cryptographic Module Validation Program Validated Modules Search

Cryptographic Module Validation Program CMVP

Certificate #4100

Details

Module Name
Sophos Cryptographic Module
Standard
FIPS 140-2
Status
Active
Sunset Date
12/2/2023
Overall Level
1
Caveat
When operated in FIPS mode. No assurance of the minimum strength of generated keys.
Security Level Exceptions
  • Roles, Services, and Authentication: Level 2
  • Physical Security: N/A
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The Sophos Cryptographic Module is a general-purpose cryptographic library incorporated into the Sophos Firewall systems to provide FIPS 140-2 validated cryptography for the protection of sensitive information.
Tested Configuration(s)
  • Sophos Firewall Operating System (SFOS) 18.5 running on XGS 3100 with AMD Ryzen Embedded V1780B with PAA
  • Sophos Firewall Operating System (SFOS) 18.5 running on XGS 3100 with AMD Ryzen Embedded V1780B without PAA (single user mode)
Approved Algorithms
AES Cert. #A1398
CKG vendor affirmed
DRBG Cert. #A1398
DSA Cert. #A1398
ECDSA Cert. #A1398
HMAC Cert. #A1398
KAS-SSC vendor affirmation
RSA Cert. #A1398
SHS Cert. #A1398
Triple-DES Cert. #A1398
Allowed Algorithms
RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)
Software Versions
1.0
Product URL
https://www.sophos.com/en-us/products/next-gen-firewall.aspx

Vendor

Sophos Limited
The Pentagon, Abingdon Science Park
Abingdon OX14 3YP
United Kingdom

Martin Becker
certifications@sophos.com

Related Files

Security Policy
Consolidated Certificate

Validation History

Date Type Lab
12/13/2021 Initial ACUMEN SECURITY, LLC