Cryptographic Module Validation Program

Cryptographic Module Validation Program CMVP

Certificate #949

Historical - The referenced cryptographic module should not be included by Federal Agencies in new procurements. Agencies may make a risk determination on whether to continue using this module based on their own assessment of where and how it is used.

Details

Module Name

FortiClient Crypto Module

Standard

FIPS 140-2

Status

Historical

Historical Reason

RNG SP800-131A Revision 1 Transition

Overall Level

Caveat

When operated in FIPS mode

Module Type

Software

Embodiment

Multi-chip embedded

Description

The FortiClient Crypto Module provides cryptographic services for Fortinet's FortiClient Host Security product (hereafter referred to as FortiClient). The primary purpose of the module is providing cryptographic support for FortiClient's IPSec feature. The module also provides cryptographic support for protecting FortiClient's critical security parameters, passwords and configuration information. The module is distributed as part of the FortiClient software package.

Tested Configuration(s)

Dell Optiplex GX270 runnning Windows XP Professional
SP2 with security patches 907865, 27802, 928255, 885835, 888302, 885250, 873333, 890859, 896422, 899587, 899588, and 896423

Approved Algorithms

AES	Certs. #679 and #680
HMAC	Certs. #360 and #361
RNG	Cert. #396
RSA	Cert. #317
SHS	Certs. #709 and #710
Triple-DES	Certs. #621 and #622

Other Algorithms

DES; MD5; HMAC MD5; Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 110 bits of encryption strength; non-compliant)

Software Versions

3.0.470

Product URL

http://www.fortinet.com/products/forticlient.html

Vendor

Fortinet, Inc.
326 Moodie Drive
Ottawa, ON K2H 8G3
Canada

Jeff Lake, Vice President, Federal Operations
jlake@fortinet.com
Phone: 678-402-8021
Fax: 678-402-8021

Related Files

Security Policy
Certificate

Validation History

Date	Type	Lab
5/22/2008	Initial	DOMUS
6/13/2008	Update