Module Name
Huawei AR2240, AR3260 and AR169FGVW-L Series Routers
Validation Dates
07/25/2017
Caveat
When operated in FIPS mode and with the tamper evident seals and external baffles installed as indicated in the Security Policy. The protocols IKEv1 and SNMP shall not be used when operated in FIPS mode.
Security Level Exceptions
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
ARs are located between an enterprise network and a public network, functioning as the only ingress and egress for data transmitted between the two networks. The deployment of various network services over the ARs reduces operation & maintenance (O&M) costs as well as those associated with establishing an enterprise network.
FIPS Algorithms
| AES |
Cert. #4323 |
| CKG |
vendor affirmed |
| CVL |
Cert. #1036 |
| DRBG |
Cert. #1379 |
| ECDSA |
Cert. #1023 |
| HMAC |
Cert. #2861 |
| KTS |
AES Cert. #4323 and HMAC Cert. #2861; key establishment methodology provides 128 bits of encryption strength |
| KTS |
Triple-DES Cert. #2335 and HMAC Cert. #2861; key establishment methodology provides 112 bits of encryption strength |
| SHS |
Cert. #3565 |
| Triple-DES |
Cert. #2335 |
Allowed Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength); NDRNG
Hardware Versions
AR2240 P/N 03022UFU Version C.2, AR3260 P/N 03022NPN Version I.3 and AR169FGVW-L P/N 50010168 Version L.2; Tamper Evident Seals P/N 4057-113016 and External Baffle P/N 99089JEB
Firmware Versions
V200R008C10SPC120
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
