This page was not yet optimized for use on mobile devices.
FortiManager 6.2
Certificate #4362
Webpage information ?
Document information ?
Security policy
Symmetric Algorithms
AES-256, AES, AES-, HMAC, HMAC-SHA-256Asymmetric Algorithms
ECDSA, Diffie-Hellman, DHHash functions
SHA-1, SHA-256, SHA-384, SHA-512, MD5Schemes
Key agreementProtocols
SSH, TLS, TLS 1.0, TLS 1.1, TLS 1.2Randomness
DRBG, RBGElliptic Curves
P-256, P-384, P-521Block cipher modes
CBC, CTR, GCMTrusted Execution Environments
SSCSecurity level
Level 1Certification process
out of scope, FortiManager v6.2, build9599. Any firmware version that is not shown on the module certificate is out of scope of this validation and requires a separate FIPS 140-2 validation. The module can also be executedStandards
FIPS 140-2, FIPS 140, FIPS140-2, NIST SP 800-90A, NIST SP 800-135, SP 800-52, SP 800-133, PKCS 1, RFC 5246, RFC 5288, RFC 4252File metadata
| Title: | FortiManager 6.2 FIPS 140-2 Level 1 Security Policy |
|---|---|
| Author: | Fortinet FIPS/CC Team |
| Creation date: | D:20221101115009-04'00' |
| Modification date: | D:20221102141111-04'00' |
| Pages: | 23 |
| Producer: | madbuild |
References
Heuristics ?
No heuristics are available for this certificate.
References ?
No references are available for this certificate.
Updates ?
-
09.02.2023 The certificate data changed.
Certificate changed
The cert_id was updated.
- The new value is
4362.
The web extraction data was updated.
- The following values were inserted:
{'validation_history': [{'_type': 'sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry', 'date': '2022-11-09', 'validation_type': 'Initial', 'lab': 'Lightship Security, Inc.'}], 'vendor_url': 'http://www.fortinet.com', 'certificate_pdf_url': 'https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/November 2022_051222_0640_signed.pdf', 'hw_versions': None, 'fw_versions': 'FortiManager v6.2, build9599'}. - The standard property was set to
FIPS 140-2. - The status property was set to
active. - The level property was set to
1. - The embodiment property was set to
Multi-Chip Stand Alone. - The following properties were deleted:
['date_validation', 'algorithms', 'vendor_www', 'lab', 'lab_nvlap', 'security_policy_www', 'certificate_www', 'hw_version', 'fw_version', 'product_url'].
The PDF extraction data was updated.
- The following values were inserted:
{'policy_metadata': {'pdf_file_size_bytes': 486166, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 23, '/Author': 'Fortinet FIPS/CC Team', '/CreationDate': "D:20221101115009-04'00'", '/Keywords': '', '/ModDate': "D:20221102141111-04'00'", '/Producer': 'madbuild', '/Subject': '', '/Title': 'FortiManager 6.2 FIPS 140-2 Level 1 Security Policy', 'pdf_hyperlinks': {'_type': 'Set', 'elements': ['https://docs.fortinet.com/', 'https://support.fortinet.com/', 'https://www.fortinet.com/corporate/about-us/privacy.html', 'http://docs.fortinet.com/', 'http://kb.fortinet.com/', 'https://www.araneus.fi/products/alea2/en/', 'http://www.fortinet.com/products', 'https://blog.fortinet.com/', 'mailto:techdoc@fortinet.com', 'http://fortiguard.com/', 'http://www.fortinet.com/contact', 'https://fortiguard.com/', 'http://forticast.fortinet.com/', 'https://video.fortinet.com/', 'http://csrc.nist.gov/groups/STM/cmvp/index.html', 'http://www.fortinet.com/support', 'https://www.fortinet.com/doc/legal/EULA.pdf', 'https://training.fortinet.com/']}}}. - The following properties were deleted:
['cert_id', 'algorithms', 'clean_cert_ids', 'st_metadata'].
The computed heuristics were updated.
- The following values were inserted:
{'policy_prunned_references': {'_type': 'Set', 'elements': []}, 'module_prunned_references': {'_type': 'Set', 'elements': []}, 'policy_processed_references': {'_type': 'sec_certs.sample.certificate.References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}, 'module_processed_references': {'_type': 'sec_certs.sample.certificate.References', 'directly_referenced_by': None, 'indirectly_referenced_by': None, 'directly_referencing': None, 'indirectly_referencing': None}, 'direct_transitive_cves': None, 'indirect_transitive_cves': None}. - The algorithms property was set to
{'_type': 'Set', 'elements': ['AES#C1987', 'RSA#A1063', 'HMAC#C1987', 'KAS#A1063', 'AES#C1907', 'ECDSA#A1063', 'RSA#C1987', 'KAS#C1987', 'AES#A1063', 'SHS#C1987', 'DRBG#C1984', 'CVL#C1987', 'KAS-SSC#A1063', 'KTS#C1987']}. - The following properties were deleted:
['keywords', 'unmatched_algs', 'clean_cert_ids', 'st_references', 'web_references'].
The state was updated.
- The following values were inserted:
{'module_download_ok': True, 'policy_download_ok': True, 'policy_convert_garbage': False, 'policy_convert_ok': True, 'module_extract_ok': True, 'policy_extract_ok': True, 'policy_pdf_hash': '7f1c8893642d3def169d45f3bd52700584e4ff3bc006cd26a7407bf8d7b97f9e', 'policy_txt_hash': '0415a3a52311bc087ad6ff790ff223e46a616257392ff030ded5b0d0c2cab0c2'}. - The following properties were deleted:
['sp_path', 'html_path', 'tables_done', 'file_status', 'txt_state'].
- The new value is
-
07.12.2022 The certificate data changed.
Certificate changed
The web extraction data was updated.
- The certificate_www property was set to
https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/November 2022_051222_0640_signed.pdf.
- The certificate_www property was set to
-
12.11.2022 The certificate was first processed.
New certificate
A new FIPS 140 certificate with the product name was processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4362,
"dgst": "43c33bc8917f6448",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"AES#C1987",
"SHS#C1987",
"KAS-SSC#A1063",
"AES#C1907",
"RSA#C1987",
"CVL#C1987",
"KAS#A1063",
"KTS#C1987",
"RSA#A1063",
"DRBG#C1984",
"ECDSA#A1063",
"HMAC#C1987",
"AES#A1063",
"KAS#C1987"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"6.2"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECDSA": {
"ECDSA": 11
}
},
"FF": {
"DH": {
"DH": 3,
"Diffie-Hellman": 7
}
}
},
"certification_process": {
"OutOfScope": {
"FortiManager v6.2, build9599. Any firmware version that is not shown on the module certificate is out of scope of this validation and requires a separate FIPS 140-2 validation. The module can also be executed": 1,
"out of scope": 1
}
},
"cipher_mode": {
"CBC": {
"CBC": 3
},
"CTR": {
"CTR": 2
},
"GCM": {
"GCM": 8
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"SSH": {
"SSH": 17
},
"TLS": {
"TLS": {
"TLS": 17,
"TLS 1.0": 1,
"TLS 1.1": 1,
"TLS 1.2": 1
}
}
},
"crypto_scheme": {
"KA": {
"Key agreement": 2
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-256": 10,
"P-384": 10,
"P-521": 10
}
},
"eval_facility": {},
"fips_cert_id": {},
"fips_certlike": {
"Certlike": {
"AES (128": 1,
"AES 128": 1,
"AES 256": 2,
"AES-256": 1,
"HMAC SHA-1": 5,
"HMAC SHA-256": 8,
"HMAC SHA-384": 3,
"HMAC SHA-512": 3,
"HMAC-SHA-256": 2,
"PKCS 1": 1,
"RSA PKCS 1": 1,
"SHA- 256": 1,
"SHA-1": 11,
"SHA-256": 12,
"SHA-384": 5,
"SHA-512": 6
}
},
"fips_security_level": {
"Level": {
"Level 1": 3
}
},
"hash_function": {
"MD": {
"MD5": {
"MD5": 1
}
},
"SHA": {
"SHA1": {
"SHA-1": 11
},
"SHA2": {
"SHA-256": 12,
"SHA-384": 5,
"SHA-512": 6
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 27
},
"RNG": {
"RBG": 1
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140": 1,
"FIPS 140-2": 39,
"FIPS140-2": 1
},
"NIST": {
"NIST SP 800-135": 1,
"NIST SP 800-90A": 1,
"SP 800-133": 1,
"SP 800-52": 1
},
"PKCS": {
"PKCS 1": 1
},
"RFC": {
"RFC 4252": 1,
"RFC 5246": 1,
"RFC 5288": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 22,
"AES-": 1,
"AES-256": 1
}
},
"constructions": {
"MAC": {
"HMAC": 21,
"HMAC-SHA-256": 1
}
}
},
"tee_name": {
"IBM": {
"SSC": 1
}
},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Fortinet FIPS/CC Team",
"/CreationDate": "D:20221101115009-04\u002700\u0027",
"/Keywords": "",
"/ModDate": "D:20221102141111-04\u002700\u0027",
"/Producer": "madbuild",
"/Subject": "",
"/Title": "FortiManager 6.2 FIPS 140-2 Level 1 Security Policy",
"pdf_file_size_bytes": 486166,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"http://www.fortinet.com/contact",
"https://support.fortinet.com/",
"http://kb.fortinet.com/",
"http://forticast.fortinet.com/",
"https://www.araneus.fi/products/alea2/en/",
"http://csrc.nist.gov/groups/STM/cmvp/index.html",
"http://fortiguard.com/",
"https://blog.fortinet.com/",
"http://www.fortinet.com/support",
"https://www.fortinet.com/corporate/about-us/privacy.html",
"http://www.fortinet.com/products",
"https://training.fortinet.com/",
"https://www.fortinet.com/doc/legal/EULA.pdf",
"http://docs.fortinet.com/",
"https://fortiguard.com/",
"mailto:techdoc@fortinet.com",
"https://docs.fortinet.com/",
"https://video.fortinet.com/"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 23
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "7f1c8893642d3def169d45f3bd52700584e4ff3bc006cd26a7407bf8d7b97f9e",
"policy_txt_hash": "0415a3a52311bc087ad6ff790ff223e46a616257392ff030ded5b0d0c2cab0c2"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode and installed, initialized and configured as specified in the FIPS 140-2 Compliant Operation Section of the Security Policy with the entropy token installed as indicated in the Security Policy. Authentication at level 3 is only applicable when identity-based authentication is enforced for the User role. No assurance of the minimum strength of generated keys",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/November 2022_051222_0640_signed.pdf",
"date_sunset": "2026-09-21",
"description": "The FortiManager OS is a firmware operating system that runs exclusively on Fortinet\u0027s FortiManager product family. FortiManager units are PC-based, purpose built appliances.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Roles, Services, and Authentication: Level 3",
"Design Assurance: Level 2",
"Mitigation of Other Attacks: N/A"
],
"fw_versions": "FortiManager v6.2, build9599",
"historical_reason": null,
"hw_versions": null,
"level": 1,
"mentioned_certs": {},
"module_name": "FortiManager 6.2",
"module_type": "Firmware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "active",
"sw_versions": null,
"tested_conf": [
"FortiManager-300F with Intel\u00ae Core\u2122 i3-6100 processor"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2022-11-09",
"lab": "Lightship Security, Inc.",
"validation_type": "Initial"
}
],
"vendor": "Fortinet, Inc.",
"vendor_url": "http://www.fortinet.com"
}
}