Module Name
FortiGate-VM 6.4 and 7.0
Caveat
When operated in FIPS mode and installed, initialized and configured as specified in the FIPS 140-2 Compliant Operation Section of the Security Policy and with the entropy token installed as indicated in the Security Policy. Authentication at level 3 is only applicable when identity-based authentication is enforced for the User role. No assurance of the minimum strength of generated keys
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Design Assurance: Level 2
Module Type
Software-Hybrid
Embodiment
Multi-Chip Stand Alone
Description
The FortiGate-VM 6.4 and 7.0 is a software-hybrid module designed to execute on a General Purpose Computer (GPC) hardware platform running the VMware hypervisor. The module provides integrated firewall, VPN, antivirus, antispam, intrusion prevention, content filtering, traffic shaping, and HA capabilities.
Tested Configuration(s)
- FortiOS 6.4 on VMWare ESXi 6.7 running on a PacStar 451 (P/N: 075-0451-165) with an Intel® Xeon® E-2276ME processor and the Araneus Alea II entropy token
- FortiOS 6.4 on VMWare ESXi 6.7 running on a PacStar 451 (P/N: 075-0451-45) with an Intel® Xeon® E3-1515M processor and the Araneus Alea II entropy token
- FortiOS 6.4 on VMWare ESXi 6.7 running on a PacStar 451 (P/N: 075-0451-55) with an Intel® Xeon® D-1559 processor and the Araneus Alea II entropy token
- FortiOS 7.0 on VMWare ESXi 6.7 running on a PacStar 451 (P/N: 075-0451-165) with an Intel® Xeon® E-2276ME processor and the Araneus Alea II entropy token (single-user mode)
- FortiOS 7.0 on VMWare ESXi 6.7 running on a PacStar 451 (P/N: 075-0451-45) with an Intel® Xeon® E3-1515M processor and the Araneus Alea II entropy token
- FortiOS 7.0 on VMWare ESXi 6.7 running on a PacStar 451 (P/N: 075-0451-55) with an Intel® Xeon® D-1559 processor and the Araneus Alea II entropy token
Approved Algorithms
AES |
Certs. #A2291, #A2292, #A2298 and #A2299 |
CVL |
Certs. #A2298 and #A2299 |
DRBG |
Certs. #A2291 and #A2292 |
ECDSA |
Certs. #A2298 and #A2299 |
HMAC |
Certs. #A2291, #A2292, #A2298 and #A2299 |
KAS |
KAS-SSC Certs. #A2298 and #A2299, CVL Certs. #A2298 and #A2299 |
KAS-SSC |
Certs. #A2298 and #A2299 |
KTS |
AES Certs. #A2298 and #A2299 and HMAC Certs. #A2298 and #A2299; key establishment methodology provides 128 or 256 bits of encryption strength |
KTS |
AES Certs. #A2298 and #A2299; key establishment methodology provides 128 or 256 bits of encryption strength |
RSA |
Certs. #A2298 and #A2299 |
SHS |
Certs. #A2291, #A2292, #A2298 and #A2299 |
Hardware Versions
Intel® Xeon® D-1559, Intel® Xeon® E3-1515M and Intel® Xeon® E-2276ME
Software Versions
FortiOS 6.4 (FIPS-CC-64-5) and FortiOS 7.0 (FIPS-CC-70-6)