This page was not yet optimized for use on mobile devices.
Juniper Networks SRX300, SRX320, SRX340, SRX345, SRX345-DUAL-AC, SRX550M, SRX5400, SRX5600 and SRX5800 Services Gateways
Certificate #4663
Webpage information ?
Document information ?
Security policy
Symmetric Algorithms
AES, CAST, DES, Triple-DES, TDES, TDEA, Blowfish, HMAC, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512Asymmetric Algorithms
RSA 4096, RSA 2048, RSA 3072, ECDH, ECDSA, ECC, DH, Diffie-Hellman, DSAHash functions
SHA-1, SHA-256, SHA-384, SHA-512, MD5Schemes
Key Exchange, Key Agreement, AEADProtocols
SSH, IKE, IKEv2, IKEv1, IPsec, VPNRandomness
DRBG, RNGLibraries
OpenSSLElliptic Curves
P-256, P-384, P-521, P-512Block cipher modes
CBC, CTR, GCMSecurity level
Level 2, Level 1, level 2, level 1Standards
FIPS 140-2, FIPS140-2, FIPS PUB 140-2, SP 800-67, SP 800-135, SP 800-90A, SP 800-131A, RFC 2409, RFC7296, RFC5282, RFC4106, RFC 4253, X.509File metadata
| Creation date: | D:20231120155927-05'00' |
|---|---|
| Modification date: | D:20231120155927-05'00' |
| Pages: | 52 |
References
Heuristics ?
CPE matches
- cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*
- cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*
- cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*
- cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*
- cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*
- cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*
- cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*
- cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*
References ?
No references are available for this certificate.
Updates ?
-
02.01.2024 The certificate was first processed.
New certificate
A new FIPS 140 certificate with the product name was processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4663,
"dgst": "731c883e561fe35d",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"KTS#C1107",
"CVL#C1085",
"HMAC#C1052",
"DRBG#C1106",
"AES#C1129",
"HMAC#C1079",
"RSA#C1110",
"ECDSA#C1151",
"HMAC#C1107",
"SHS#C1085",
"HMAC#C1085",
"SHS#C1129",
"DRBG#C1079",
"DRBG#C1085",
"HMAC#C1129",
"RSA#C1107",
"Triple-DES#C1085",
"AES#C1107",
"AES#C1084",
"ECDSA#C1085",
"AES#C1109",
"Triple-DES#C1107",
"HMAC#C1106",
"SHS#C1052",
"Triple-DES#C1129",
"AES#C1085",
"CVL#C1111",
"RSA#C1151",
"CVL#C1084",
"CVL#C1113",
"SHS#C1109",
"DRBG#C1084",
"Triple-DES#C1109",
"Triple-DES#C1084",
"HMAC#C1109",
"SHS#C1079",
"ECDSA#C1107",
"SHS#C1107",
"SHS#C1084",
"DRBG#C1107",
"SHS#C1106",
"HMAC#C1084"
]
},
"cpe_matches": {
"_type": "Set",
"elements": [
"cpe:2.3:h:juniper:srx320:-:*:*:*:*:*:*:*",
"cpe:2.3:h:juniper:srx5400:-:*:*:*:*:*:*:*",
"cpe:2.3:h:juniper:srx345:-:*:*:*:*:*:*:*",
"cpe:2.3:h:juniper:srx550:-:*:*:*:*:*:*:*",
"cpe:2.3:h:juniper:srx300:-:*:*:*:*:*:*:*",
"cpe:2.3:h:juniper:srx340:-:*:*:*:*:*:*:*",
"cpe:2.3:h:juniper:srx5800:-:*:*:*:*:*:*:*",
"cpe:2.3:h:juniper:srx5600:-:*:*:*:*:*:*:*"
]
},
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"19.2"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 2
},
"ECDH": {
"ECDH": 10
},
"ECDSA": {
"ECDSA": 25
}
},
"FF": {
"DH": {
"DH": 15,
"Diffie-Hellman": 9
},
"DSA": {
"DSA": 3
}
},
"RSA": {
"RSA 2048": 17,
"RSA 3072": 2,
"RSA 4096": 11
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 9
},
"CTR": {
"CTR": 2
},
"GCM": {
"GCM": 12
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 3
}
},
"crypto_protocol": {
"IKE": {
"IKE": 33,
"IKEv1": 6,
"IKEv2": 9
},
"IPsec": {
"IPsec": 27
},
"SSH": {
"SSH": 35
},
"VPN": {
"VPN": 1
}
},
"crypto_scheme": {
"AEAD": {
"AEAD": 4
},
"KA": {
"Key Agreement": 5
},
"KEX": {
"Key Exchange": 2
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-256": 50,
"P-384": 20,
"P-512": 2,
"P-521": 6
}
},
"eval_facility": {},
"fips_cert_id": {},
"fips_certlike": {
"Certlike": {
"AES CBC 128/192/256": 5,
"AES GCM19": 1,
"DRBG 2": 1,
"HMAC SHA-1": 1,
"HMAC SHA-256": 5,
"HMAC-SHA- 256": 6,
"HMAC-SHA- 38425": 2,
"HMAC-SHA-1": 4,
"HMAC-SHA-1- 96": 2,
"HMAC-SHA-256": 6,
"HMAC-SHA-384": 2,
"HMAC-SHA-512": 2,
"HMAC-SHA1- 96": 1,
"RSA 2048": 17,
"RSA 3072": 2,
"RSA 4096": 11,
"SHA 1, 256": 1,
"SHA 256": 12,
"SHA 384": 2,
"SHA 512": 1,
"SHA-1": 11,
"SHA-256": 18,
"SHA-384": 5,
"SHA-512": 3
}
},
"fips_security_level": {
"Level": {
"Level 1": 1,
"Level 2": 2,
"level 1": 1,
"level 2": 1
}
},
"hash_function": {
"MD": {
"MD5": {
"MD5": 1
}
},
"SHA": {
"SHA1": {
"SHA-1": 11
},
"SHA2": {
"SHA-256": 23,
"SHA-384": 3,
"SHA-512": 3
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 15
},
"RNG": {
"RNG": 2
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-2": 7,
"FIPS PUB 140-2": 1,
"FIPS140-2": 1
},
"NIST": {
"SP 800-131A": 8,
"SP 800-135": 2,
"SP 800-67": 4,
"SP 800-90A": 7
},
"RFC": {
"RFC 2409": 1,
"RFC 4253": 1,
"RFC4106": 2,
"RFC5282": 1,
"RFC7296": 1
},
"X509": {
"X.509": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 29
},
"CAST": {
"CAST": 1
}
},
"DES": {
"3DES": {
"TDEA": 1,
"TDES": 3,
"Triple-DES": 31
},
"DES": {
"DES": 1
}
},
"constructions": {
"MAC": {
"HMAC": 27,
"HMAC-SHA-256": 3,
"HMAC-SHA-384": 1,
"HMAC-SHA-512": 1
}
},
"miscellaneous": {
"Blowfish": {
"Blowfish": 1
}
}
},
"tee_name": {},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/CreationDate": "D:20231120155927-05\u002700\u0027",
"/MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_ActionId": "15f92b67-224a-415d-a546-8cebb245dcaf",
"/MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Application": "Microsoft Azure Information Protection",
"/MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Enabled": "True",
"/MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Extended_MSFT_Method": "Automatic",
"/MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Name": "Juniper Business Use Only",
"/MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_Owner": "shebbar@juniper.net",
"/MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SetDate": "2019-06-28T05:46:17.5561117Z",
"/MSIP_Label_0633b888-ae0d-4341-a75f-06e04137d755_SiteId": "bea78b3c-4cdb-4130-854a-1d193232e5f4",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_ActionId": "4d5b3dfd-af97-4f3c-ab52-629a9500ec32",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_ContentBits": "0",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_Enabled": "true",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_Method": "Privileged",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_Name": "Unrestricted",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_SetDate": "2023-11-20T20:59:02Z",
"/MSIP_Label_c968a81f-7ed4-4faa-9408-9652e001dd96_SiteId": "b64da4ac-e800-4cfc-8931-e607f720a1b8",
"/ModDate": "D:20231120155927-05\u002700\u0027",
"pdf_file_size_bytes": 4059214,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=31503",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=31507",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=31506",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=31476",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=31548",
"https://www.juniper.net/documentation/en_US/release-independent/junos/information-products/pathway-pages/hardware/SRX550/srx550-hm-index.pdf",
"http://www.juniper.net/assets/us/en/local/pdf/datasheets/1000550-en.pdf",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=31508",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=31504",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=31526",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=31482",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=31481",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?validation=31449",
"http://www.juniper.net/assets/us/en/local/pdf/datasheets/1000254-en.pdf"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 52
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "caf3c21e5714cee4f58ba3777902742e6a62d552ba0b0ec44db8ccf001d93171",
"policy_txt_hash": "ad7918404bf21e6827e7a740bdce1c5bd8dcea4416fc7892aa2f77eb3e628f36"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode, installed, initialized and configured as specified in Sections 1.2 and 5 of the Security Policy",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/November 2023_111223_0648_signed.pdf",
"date_sunset": "2025-10-26",
"description": "The Juniper Networks SRX Series Services Gateways are a series of secure routers that provide essential capabilities to connect, secure, and manage work force locations sized from handfuls to hundreds of users. By consolidating fast, highly available switching, routing, security, and applications capabilities in a single device, enterprises can economically deliver new services, safe connectivity, and a satisfying end user experience.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Roles, Services, and Authentication: Level 3",
"Design Assurance: Level 3",
"Mitigation of Other Attacks: N/A"
],
"fw_versions": "JUNOS OS 19.2R1",
"historical_reason": null,
"hw_versions": "[SRX300, SRX320, SRX340, SRX345, SRX345-DUAL-AC, SRX550M, SRX5400, SRX5600 and SRX5800] with JNPR-FIPS-TAMPER-LBLS",
"level": 2,
"mentioned_certs": {},
"module_name": "Juniper Networks SRX300, SRX320, SRX340, SRX345, SRX345-DUAL-AC, SRX550M, SRX5400, SRX5600 and SRX5800 Services Gateways",
"module_type": "Hardware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "active",
"sw_versions": null,
"tested_conf": null,
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2023-11-28",
"lab": "LEIDOS CSTL",
"validation_type": "Initial"
}
],
"vendor": "Juniper Networks, Inc",
"vendor_url": "http://www.juniper.net"
}
}