Certificate 1652 - SSG 5 and SSG 20
intCertNum 1652
strVendorName Juniper Networks, Inc.
strURL http://www.juniper.net/us/en/
strAddress1 1194 North Mathilda Ave
strAddress2
strAddress3
strCity Sunnyvale
strStateProv CA
strPostalCode 94089
strCountry 94089
strContact Claudio Baserga
strEmail cbaserga@juniper.net
strPhone 408-936-0961
strFax
strContact2
strEmail2
strFax2
strPhone2
intCertNum 1652
strModuleName SSG 5 and SSG 20
strPartNumber Hardware Versions: (SSG-5-SB, SSG-5-SB-BT, SSG-5-SB-M, SSG-5-SH, SSG-5-SH-BT, SSG-5-SH-M , SSG-20-SB and SSG-20-SH) with JNPR-FIPS-TAMPER-LBLS;
Firmware Version: ScreenOS 6.3r6
memModuleNotes When operated in FIPS mode with the tamper evident seals and security devices installed as indicated in the Security Policy
str140Version 140-2
_sp_ Security Policy   [pdf][html][txt]
_cert_ Certificate   [pdf]
strPURL http://www.juniper.net/us/en/products-services/security/ssg-series/
strModuleType Hardware
strValidationDate 12/15/2011;07/24/2012;12/11/2013
intOverallLevel 2
memIndividualLevelNotes
strFIPSAlgorithms Triple-DES (Cert. #1061);
AES (Cert. #1620);
DSA (Cert. #507);
SHS (Cert. #1429);
RNG (Cert. #868);
RSA (Cert. #798);
HMAC (Cert. #951);
ECDSA (Cert. #205)
strOtherAlgorithms Diffie-Hellman (key agreement: key establishment methodology provides 112 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
EC Diffie-Hellman (key agreement: key establishment methodology provides 128 bits of security);
NDRNG;
DES;
MD5
strConfiguration Multi-chip standalone
memModuleDescription Juniper Networks integrated security devices are purpose-built to perform essential
networking security functions designed on top of robust networking and security real-time operating systems, ScreenOS. These are high-performance platforms that deliver integrated security and LAN/WAN routing across high-density LAN/WAN interfaces, Juniper Networks
integrated security devices address the needs of small to medium sized locations, large
distributed enterprises, and service providers as well as large and co-located datacenters.
intModuleCount 1
memAdditionalNotes 12/19/11: Embodiment corrected; changed from firmware to hardware module.
07/24/12: Corrected EC Diffie-Hellman encryption strength.
12/11/13: Updated contact information.
strFirstValidtionDate 12/15/11 00:00:00
strLabName ICSA
strValidationYear 2011