| intCertNum |
2637 |
| strVendorName |
Palo Alto Networks |
| strURL |
http://www.paloaltonetworks.com |
| strAddress1 |
4401 Great America Parkway |
| strAddress2 |
|
| strAddress3 |
|
| strCity |
Santa Clara |
| strStateProv |
CA |
| strPostalCode |
95054 |
| strCountry |
95054 |
| strContact |
Richard Bishop |
| strEmail |
rbishop@paloaltonetworks.com |
| strPhone |
408-753-4000 |
| strFax |
|
| strContact2 |
Jake Bajic |
| strEmail2 |
jbajic@paloaltonetworks.com |
| strFax2 |
|
| strPhone2 |
408-753-4000 |
| intCertNum |
2637 |
| strModuleName |
PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 Series and PA-7050 Firewalls |
| strPartNumber |
Hardware Versions: PA-200 P/N 910-000015-00E Rev. E [1], PA-500 P/N 910-000006-00O Rev. O [2], PA-500-2GB P/N 910-000094-00O Rev. O [2], PA-2020 P/N 910-000004-00Z Rev. Z [3], PA-2050 P/N 910-000003-00Z Rev. Z [3], PA-3020 P/N 910-000017-00J Rev. J [4], PA-3050 P/N 910-000016-00J Rev. J [4], PA-4020 P/N 910-000002-00AB Rev. AB [5], PA-4050 P/N 910-000001-00AB Rev. AB [5], PA-4060 P/N 910-000005-00S Rev. S [5], PA-5020 P/N 910-000010-00F Rev. F [6], PA-5050 P/N 910-000009-00F Rev. F [6], PA-5060 P/N 910-000008-00F Rev. F [6] and PA-7050 P/N 910-000102-00B Rev. B with 910-000028-00B or 910-000117-00A Rev. B [7];
FIPS Kit P/Ns: 920-000084-00A Rev. A [1], 920-000005-00A Rev. A [2], 920-000004-00A Rev. A [3], 920-000081-00A Rev. A [4], 920-000003-00A Rev. A [5], 920-000037-00A Rev. A [6], and 920-000112-00A Rev. A [7];
Firmware Versions: 7.0.1-h4 and 7.0.3 |
| memModuleNotes |
When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy |
| str140Version |
140-2 |
| _sp_ |
Security Policy [pdf][html][txt] |
| _cert_ |
Certificate [pdf] |
| strPURL |
|
| strModuleType |
Hardware |
| strValidationDate |
05/13/2016 |
| intOverallLevel |
2 |
| memIndividualLevelNotes |
-Roles, Services, and Authentication: Level 3;-Design Assurance: Level 3;-Mitigation of Other Attacks: N/A;-Operational Environment: N/A |
| strFIPSAlgorithms |
AES (Cert. #3475);
ECDSA (Cert. #713);
RSA (Cert. #1782);
HMAC (Cert. #2220);
SHS (Cert. #2870);
DRBG (Cert. #870);
CVL (Certs. #564, #565, #566 and #567) |
| strOtherAlgorithms |
EC Diffie-Hellman (CVL Cert. #567, key agreement: key establishment methodology provides 128 bits or 192 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
Diffie-Hellman (key agreement: key establishment methodology provides 112 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
AES (Cert. #3475, key wrapping;
key establishment methodology provides 128 or 256 bits of encryption strength);
RSA (key wrapping;
key establishment methodology provides 112 bits or 128 bits of encryption strength;
non-compliant less than 112 bits of encryption strength);
NDRNG;
MD5;
RIPEMD;
Camellia;
SEED;
Triple-DES (non-compliant);
Blowfish;
CAST;
RC4;
UMAC;
HMAC-MD5;
HMAC-RIPEMD;
DSA (non-compliant) |
| strConfiguration |
Multi-Chip Stand Alone |
| memModuleDescription |
The Palo Alto Networks PA-200, PA-500, PA-2000 Series, PA-3000 Series, PA-4000 Series, PA-5000 Series and PA-7050 firewalls are multi-chip standalone modules that provide network security by enabling enterprises to see and control applications, users, and content using three unique identification technologies: App-ID, User-ID, and Content-ID. These identification technologies enable enterprises to create business-relevant security polices - safely enabling organizations to adopt new applications. |
| intModuleCount |
7 |
| memAdditionalNotes |
|
| strFirstValidtionDate |
05/13/16 00:00:00 |
| strLabName |
InfoGard |
| strValidationYear |
2016 |
|