Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #4777

Details

Module Name
Panorama 10.2 M-200, M-300, M-600 and M-700
Standard
FIPS 140-3
Status
Active
Sunset Date
8/22/2026
Overall Level
2
Caveat
Interim Validation. When operated in approved mode and when installed, initialized and configured as specified in Section 11 of the Security Policy. The tamper evident seals and physical kit installed as indicated in the Security Policy
Security Level Exceptions
  • Roles, services, and authentication: Level 3
  • Operational environment: N/A
  • Non-invasive security: N/A
  • Life-cycle assurance: Level 3
  • Mitigation of other attacks: N/A
  • Documentation requirements: N/A
  • Cryptographic module security policy: N/A
Module Type
Hardware
Embodiment
Multi-Chip Stand Alone
Description
Panorama M-Series management appliances provide centralized management and visibility of Palo Alto Networks next generation firewalls. From a central location, you can gain insight into applications, users, and content traversing the firewalls. The knowledge of what is on the network, in conjunction with safe application enablement policies, maximizes protection and control while minimizing administrative effort. Your security team can centrally perform analysis, reporting, and forensics with the aggregated data over time, or on data stored on the local firewall.
Tested Configuration(s)
  • N/A
Approved Algorithms
AES-CBC
AES-CFB128
AES-CTR
AES-GCM
Conditioning Component AES-CBC-MAC SP800-90B
Conditioning Component AES-CBC-MAC SP800-90B
Counter DRBG
ECDSA KeyGen (FIPS186-4)
ECDSA KeyVer (FIPS186-4)
ECDSA SigGen (FIPS186-4)
ECDSA SigVer (FIPS186-4)
HMAC-SHA-1
HMAC-SHA2-224
HMAC-SHA2-256
HMAC-SHA2-384
HMAC-SHA2-512
KAS-ECC-SSC Sp800-56Ar3
KAS-FFC-SSC Sp800-56Ar3
KDF SNMP
KDF SSH
KDF TLS
RSA KeyGen (FIPS186-4)
RSA SigGen (FIPS186-4)
RSA SigVer (FIPS186-4)
Safe Primes Key Generation
Safe Primes Key Verification
SHA-1
SHA2-224
SHA2-256
SHA2-384
SHA2-512
Entropy
ENT (NP)
Hardware Versions
910-000175 with FIPS Kit 920-000209, 910-000176 with FIPS Kit 920-000208, 910-000270 with FIPS Kit 920-000318, 910-000271 with FIPS Kit 920-000319
Firmware Versions
10.2.3-h1

Vendor

Palo Alto Networks, Inc.
3000 Tannery Way
Santa Clara, CA 95054
USA

Jake Bajic
certifications@paloaltonetworks.com
Phone: 408-753-4000
Amir Shahhosseini
certifications@paloaltonetworks.com
Phone: 408-753-4000

Validation History

Date Type Lab
8/23/2024 Initial LEIDOS CSTL