Module Name

Pulse Secure Cryptographic Module

Standard

FIPS 140-2

Status

Active

Sunset Date

5/2/2022

Validation Dates

05/03/2017

Overall Level

1

Caveat

When operated in FIPS mode. No assurance of the minimum strength of generated keys. The module generates cryptographic keys whose strengths are modified by available entropy.

Security Level Exceptions

• Roles, Services, and Authentication: Level 2
• Physical Security: N/A
• Mitigation of Other Attacks: N/A

Module Type

Software

Embodiment

Multi-Chip Stand Alone

Description

Pulse Secure's portfolio delivers Secure Access solutions for people, devices, things and services. It includes Pulse Connect Secure - the most reliable and feature rich VPN, Pulse Policy Secure - powerful Network Access Control (NAC) with granular network visibility and access control, Pulse Workspace - simplified enterprise mobility management (EMM), Pulse One - centralized management, and the Pulse Unified Client - a single client to connest them all. Together they provide users with secure remote, campus, mobile, and cloud access based on their role, identity, device and location.

Tested Configuration(s)

• IVE OS 2.0 32-bit with Intel Atom Processor N270 (x86) on Pulse Secure MAG 2600
• IVE OS 2.0 64-bit on Vmware ESXi with Intel Xeon E5-2620 v4 on Dell Power Edge R430/R530, Intel Xeon E5-2620 v4 (single-user mode)
• IVE OS 2.0 64-bit with Intel Celeron Processor J1900 (x86) on Pulse Secure PSA300
• IVE OS 2.0 64-bit with Intel Celeron Processor J1900 (x86) on Pulse Secure PSA3000
• IVE OS 2.0 64-bit with Intel Core2 Quad Q9400 (x86) on Pulse Secure MAG SM360
• IVE OS 2.0 64-bit with Intel Pentium Processor E2160 (x86) on Pulse Secure MAG 4610
• IVE OS 2.0 64-bit with Intel Pentium Processor E2160 (x86) on Pulse Secure MAG SM160
• IVE OS 2.0 64-bit with Intel Pentium Processor G3420 (x86) on Pulse Secure PSA5000
• IVE OS 2.0 64-bit with Intel Xeon E3-1275v3 (x86) on Pulse Secure PSA 7000c
• IVE OS 2.0 64-bit with Intel Xeon E3-1275v3 (x86) on Pulse Secure PSA 7000f
• Pulse One version 2.0 with Intel Xeon E3-1275v3 (x86) on Pulse Secure PSA 7000c
• Pulse One version 2.0 with Intel Xeon E3-1275v3 (x86) on Pulse Secure PSA 7000f

FIPS Algorithms

AES	Certs. #4334 and #4341
CVL	Cert. #1046
DRBG	Cert. #1384
DSA	Cert. #1152
ECDSA	Cert. #1026
HMAC	Cert. #2880
RSA	Cert. #2345
SHS	Cert. #3577
Triple-DES	Certs. #2346 and #2347

Other Algorithms

EC Diffie-Hellman (CVL Cert. #1046, key agreement, key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength); PRNG

Software Versions

2.0