Module Name
Juniper Networks ISG 1000 and ISG 2000
Historical Reason
RNG SP800-131A Revision 1 Transition
Caveat
When operated in FIPS mode
Security Level Exceptions
- Cryptographic Module Specification: Level 3
- EMI/EMC: Level 3
Embodiment
Multi-chip standalone
Description
The Juniper Networks NetScreen ISG 1000 and ISG 2000 are Internet security devices that integrate firewall, virtual private networking (VPN), and traffic shaping functions.
Through the VPN, the NetScreen ISG devices provide the following: IPSec standard security, Triple-DES, and Advanced Encryption Standard (AES) encryption, Manual and automated IKE (ISAKMP), and Use of RSA and DSA certificates.
Approved Algorithms
| AES |
Cert. #515 |
| DSA |
Cert. #213 |
| HMAC |
Cert. #266 |
| RNG |
Cert. #219 |
| RSA |
Cert. #229 |
| SHS |
Cert. #588 |
| Triple-DES |
Cert. #525 |
Other Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides 97 bits of encryption strength: non-compliant); RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); DES; MD5
Hardware Versions
P/N NS-ISG-1000 and NS-ISG-2000
Firmware Versions
ScreenOS 5.4.0r4, v5.4.0r5, 5.4.0r6, 5.4.0r7, 5.4.0r8, 5.4.0r9, 5.4.0r10, 5.4.0r11, 5.4.0r12, 5.4.0r13, 5.4.0r14, 5.4.0r15, 5.4.0r16, 5.4.0r17, 5.4.0r18 and 5.4.0r19
