Module Name
Palo Alto Networks VM-Series
Validation Dates
11/30/2016;01/11/2018;02/13/2018;02/21/2020
Caveat
When operated in FIPS mode
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Physical Security: N/A
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The VM-Series allows you to protect your applications and data from cyber threats with our next-generation firewall security and advanced threat prevention features.
Tested Configuration(s)
- CentOS 6.5 - KVM running on a Dell Power Edge R620
- Citrix XenServer 6.1.0 running on a Citrix NetScaler SDX 11500 (single-user mode)
- VMware ESXi 5.5 running on a Dell PowerEdge R730
FIPS Algorithms
| AES |
Cert. #4019 |
| CVL |
Certs. #843, #844, #845 and #846 |
| DRBG |
Cert. #1197 |
| ECDSA |
Cert. #895 |
| HMAC |
Cert. #2621 |
| KAS |
SP 800-56Arev2 with CVL Certs. #843 and #844, vendor affirmed |
| KTS |
AES Cert. #4019; key establishment methodology provides between 128 and 256 bits of encryption strength |
| KTS |
AES Cert. #4019 and HMAC Cert. #2621; key establishment methodology provides between 128 and 256 bits of encryption strength |
| RSA |
Cert. #2062 |
| SHS |
Cert. #3315 |
Other Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength); MD5; NDRNG; RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength)
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
