Certificate 1499 - PA-500, PA-2000 Series and PA-4000 Series Firewalls
intCertNum 1499
strVendorName Palo Alto Networks
strURL http://www.paloaltonetworks.com
strAddress1 232 E. Java Drive
strAddress2
strAddress3
strCity Sunnyvale
strStateProv CA
strPostalCode 94089
strCountry 94089
strContact Nicholas Campagna
strEmail certifications@paloaltonetworks.com
strPhone 408-738-7700
strFax 408-738-7701
strContact2
strEmail2
strFax2
strPhone2
intCertNum 1499
strModuleName PA-500, PA-2000 Series and PA-4000 Series Firewalls
strPartNumber Hardware Versions: HW P/N 910-000006-00D Rev. D with FIPS Kit P/N 920-000005-001 Rev. 1 (PA-500), HW P/N 910-000004-00K Rev. K with FIPS Kit P/N 920-000004-001 Rev. 1 (PA-2020), HW P/N 910-000003-00K Rev. K with FIPS Kit P/N 920-000004-001 Rev. 1 (PA-2050), HW P/N 910-000002-00Q Rev. Q with FIPS Kit P/N 920-000003-001 Rev. 1 (PA-4020), HW P/N 910-000001-00P Rev. P with FIPS Kit P/N 920-000003-001 Rev. 1 (PA-4050) and HW P/N 910-000005-00G Rev. G with FIPS Kit P/N 920-000003-001 Rev. 1 (PA-4060);
Firmware Version: 3.1.2 or 3.1.7-h1
memModuleNotes When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy
str140Version 140-2
_sp_ Security Policy   [pdf][html][txt]
_cert_ Certificate   [pdf]
strPURL
strModuleType Hardware
strValidationDate 02/10/2011;06/21/2011
intOverallLevel 2
memIndividualLevelNotes -Cryptographic Module Specification: Level 3;-Roles, Services, and Authentication: Level 3;-Design Assurance: Level 3
strFIPSAlgorithms AES (Cert. #1378);
Triple-DES (Cert. #950);
RSA (Cert. #675);
DSA (Cert. #451);
HMAC (Cert. #810);
SHS (Cert. #1259);
RNG (Cert. #760)
strOtherAlgorithms Diffie-Hellman (key agreement: key establishment methodology provides 112 bits of encryption strength);
RSA (key wrapping;
key establishment methodology provides 112 bits of encryption strength);
MD5;
RC4;
Camellia;
RC2;
SEED;
DES
strConfiguration Multi-chip standalone
memModuleDescription Palo Alto Network's next-generation firewalls provide network security by enabling enterprises to see and control applications, users, and content - not just ports, IP addresses, and packets - using three unique identification technologies: App-ID, User-ID, and Content-ID. These identification technologies, found in Palo Alto Networks' enterprise firewalls, enable enterprises to create business-relevant security policies - safely enabling organizations to adopt new applications, instead of the traditional ""all-or-nothing"" approach offered by traditional port-blocking firewalls.
intModuleCount 1
memAdditionalNotes 06/21/11: Added FW 3.1.7-h1, updated Security Policy.
strFirstValidtionDate 02/10/11 00:00:00
strLabName InfoGard
strValidationYear 2011