Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

    Projects Cryptographic Module Validation Program Validated Modules Search

Cryptographic Module Validation Program CMVP

Certificate #4784

Details

Module Name
Wildfire 10.2 WF-500 and WF-500-B
Standard
FIPS 140-3
Status
Active
Sunset Date
8/28/2026
Overall Level
2
Caveat
When installed, initialized and configured as specified in Section 11 of the Security Policy. The tamper evident seals and Physical Kit installed as indicated in the Security Policy. The module generates SSPs (e.g., keys) whose strengths are modified by available entropy
Security Level Exceptions
  • Roles, services, and authentication: Level 3
  • Operational environment: N/A
  • Non-invasive security: N/A
  • Life-cycle assurance: Level 3
  • Mitigation of other attacks: N/A
Module Type
Hardware
Embodiment
Multi-Chip Stand Alone
Description
The Wildfire 10.2 WF-500 and WF-500-B from Palo Alto Networks Inc. cryptographic modules designed to identify unknown malware, zero-day exploits, and Advanced Persistent Threats (APTs) through dynamic analysis, and automatically disseminates protection in near real-time to help security teams meet the challenge of advanced cyber-attacks.
Tested Configuration(s)
  • N/A
Approved Algorithms
AES-CBC
A2906
AES-CFB128
A2906
AES-CTR
A2906
AES-GCM
A2906
Conditioning Component AES-CBC-MAC SP800-90B
A2518
Counter DRBG
A2906
ECDSA KeyGen (FIPS186-4)
A2906
ECDSA KeyVer (FIPS186-4)
A2906
ECDSA SigGen (FIPS186-4)
A2906
ECDSA SigVer (FIPS186-4)
A2906
HMAC-SHA-1
A2906
HMAC-SHA2-224
A2906
HMAC-SHA2-256
A2906
HMAC-SHA2-384
A2906
HMAC-SHA2-512
A2906
KAS-ECC-SSC Sp800-56Ar3
A2906
KAS-FFC-SSC Sp800-56Ar3
A2906
KDF IKEv2
A2906
KDF SNMP
A2906
KDF SSH
A2906
KDF TLS
A2906
RSA KeyGen (FIPS186-4)
A2906
RSA SigGen (FIPS186-4)
A2906
RSA SigVer (FIPS186-4)
A2906
Safe Primes Key Generation
A2906
Safe Primes Key Verification
A2906
SHA-1
A2906
SHA2-224
A2906
SHA2-256
A2906
SHA2-384
A2906
SHA2-512
A2906
Entropy
ENT (NP)
Hardware Versions
910-000097 with FIPS Kit 920-000145, 910-000270 with FIPS Kit 920-000318
Firmware Versions
10.2.3-h1

Vendor

Palo Alto Networks, Inc.
3000 Tannery Way
Santa Clara, California 95054
USA

Jake Bajic
[email protected]
Phone: 408-753-4000
 Amir Shahhosseini
[email protected]
Phone: 408-753-4000

Related Files

Security Policy
Consolidated Certificate

Validation History

Date Type Lab
8/29/2024 Initial LEIDOS CSTL
3/13/2025 Update LEIDOS CSTL