Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

    Projects Cryptographic Module Validation Program Validated Modules Search

Cryptographic Module Validation Program CMVP

Certificate #4415

Details

Module Name
FortiGate-VM 6.4 and 7.0
Standard
FIPS 140-2
Status
Active
Sunset Date
9/21/2026
Overall Level
1
Caveat
When operated in FIPS mode and installed, initialized and configured as specified in the FIPS 140-2 Compliant Operation Section of the Security Policy and with the entropy token installed as indicated in the Security Policy. Authentication at level 3 is only applicable when identity-based authentication is enforced for the User role. No assurance of the minimum strength of generated keys
Security Level Exceptions
  • Roles, Services, and Authentication: Level 3
  • Design Assurance: Level 2
Module Type
Software-Hybrid
Embodiment
Multi-Chip Stand Alone
Description
The FortiGate-VM 6.4 and 7.0 is a software-hybrid module designed to execute on a General Purpose Computer (GPC) hardware platform running the VMware hypervisor. The module provides integrated firewall, VPN, antivirus, antispam, intrusion prevention, content filtering, traffic shaping, and HA capabilities.
Tested Configuration(s)
  • FortiOS 6.4 on VMWare ESXi 6.7 running on a PacStar 451 (P/N: 075-0451-165) with an Intel® Xeon® E-2276ME processor and the Araneus Alea II entropy token
  • FortiOS 6.4 on VMWare ESXi 6.7 running on a PacStar 451 (P/N: 075-0451-45) with an Intel® Xeon® E3-1515M processor and the Araneus Alea II entropy token
  • FortiOS 6.4 on VMWare ESXi 6.7 running on a PacStar 451 (P/N: 075-0451-55) with an Intel® Xeon® D-1559 processor and the Araneus Alea II entropy token
  • FortiOS 7.0 on VMWare ESXi 6.7 running on a PacStar 451 (P/N: 075-0451-165) with an Intel® Xeon® E-2276ME processor and the Araneus Alea II entropy token (single-user mode)
  • FortiOS 7.0 on VMWare ESXi 6.7 running on a PacStar 451 (P/N: 075-0451-45) with an Intel® Xeon® E3-1515M processor and the Araneus Alea II entropy token
  • FortiOS 7.0 on VMWare ESXi 6.7 running on a PacStar 451 (P/N: 075-0451-55) with an Intel® Xeon® D-1559 processor and the Araneus Alea II entropy token
Approved Algorithms
AES Certs. #A2291, #A2292, #A2298 and #A2299
CVL Certs. #A2298 and #A2299
DRBG Certs. #A2291 and #A2292
ECDSA Certs. #A2298 and #A2299
HMAC Certs. #A2291, #A2292, #A2298 and #A2299
KAS KAS-SSC Certs. #A2298 and #A2299, CVL Certs. #A2298 and #A2299
KAS-SSC Certs. #A2298 and #A2299
KTS AES Certs. #A2298 and #A2299 and HMAC Certs. #A2298 and #A2299; key establishment methodology provides 128 or 256 bits of encryption strength
KTS AES Certs. #A2298 and #A2299; key establishment methodology provides 128 or 256 bits of encryption strength
RSA Certs. #A2298 and #A2299
SHS Certs. #A2291, #A2292, #A2298 and #A2299
Allowed Algorithms
N/A
Hardware Versions
Intel® Xeon® D-1559, Intel® Xeon® E3-1515M and Intel® Xeon® E-2276ME
Software Versions
FortiOS 6.4 (FIPS-CC-64-5) and FortiOS 7.0 (FIPS-CC-70-6)

Vendor

Fortinet, Inc.
16 Fitzgerald Road
Ottawa, ON K2H 8R6
Canada

Alan Kaye
akaye@fortinet.com
Phone: 613-225-9381 x87416
Fax: 613-225-2951

Related Files

Security Policy
Consolidated Certificate

Validation History

Date Type Lab
1/16/2023 Initial Lightship Security, Inc.