Module Name
Juniper Networks SRX345, SRX345-DUAL-AC, SRX380 and SRX1500 Services Gateway
Historical Reason
SP 800-56Arev3 transition - replaced by certificate #4625
Caveat
When operated in FIPS mode, installed, initialized and configured as specified in Sections 1.2 and 5 of the Security Policy. The JNPR-FIPS-TAMPER-LBLS tamper evident seals installed as indicated in Section 5 of the Security Policy
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The Juniper Networks SRX Series Services Gateways are a series of secure routers that provide essential capabilities to connect, secure, and manage work force locations sized from handfuls to hundreds of users. By consolidating fast, highly available switching, routing, security, and applications capabilities in a single device, enterprises can economically deliver new services, safe connectivity, and a satisfying end user experience.
Approved Algorithms
AES |
Certs. #C2028, #C2031, #C2034, #C2035, #C2036, #C2039 and #C2094 |
CVL |
Certs. #C2028, #C2031, #C2033, #C2039, #C2040 and #C2094 |
DRBG |
Certs. #C2028, #C2029, #C2031, #C2037, #C2039 and #C2094 |
ECDSA |
Certs. #C2031, #C2032, #C2039 and #C2094 |
HMAC |
Certs. #C2028, #C2029, #C2030, #C2031, #C2034, #C2036, #C2037, #C2038, #C2039 and #C2094 |
KAS-SSC |
vendor affirmed |
KTS |
AES Certs. #C2028 and #C2094; key establishment methodology provides 128 or 256 bits of encryption strength |
KTS |
AES Certs. #C2028, #C2031, #C2039 and #C2094 and HMAC Certs. #C2028, #C2031, #C2039 and #C2094; key establishment methodology provides between 128 and 256 bits of encryption strength |
KTS |
Triple-DES Certs. #C2028, #C2031, #C2039 and #C2094 and HMAC Certs. #C2028, #C2031, #C2039 and #C2094; key establishment methodology provides 112 bits of encryption strength |
RSA |
Certs. #C2031, #C2032, #C2039 and #C2094 |
SHS |
Certs. #C2028, #C2029, #C2030, #C2031, #C2034, #C2036, #C2037, #C2038, #C2039 and #C2094 |
Triple-DES |
Certs. #C2028, #C2031, #C2034, #C2036, #C2039 and #C2094 |
Allowed Algorithms
EC Diffie-Hellman (CVL Certs. #C2031 and #C2039 with CVL Certs. #C2033 and #C2040, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG
Hardware Versions
SRX345, SRX345-DUAL-AC, SRX380, SRX1500 SYS-JB-AC and SRX1500 SYS-JB-DC with JNPR-FIPS-TAMPER-LBLS
Firmware Versions
Junos OS 20.2R1