Validation Dates
01/05/2018
Caveat
When operated in FIPS mode and configured according to the Entropy Token Section of the Security Policy. There is no assurance of the minimum strength of generated keys
Security Level Exceptions
- Cryptographic Module Ports and Interfaces: Level 3
- Roles, Services, and Authentication: Level 3
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The FortiWeb OS is a firmware operating system that runs exclusively on Fortinet's FortiWeb product family. FortiWeb units are PC-based, purpose built appliances.
Tested Configuration(s)
- FortiWeb-4000E with the Fortinet entropy token (part number FTR-ENT-1 )
FIPS Algorithms
| AES |
Cert. #4461 |
| CKG |
vendor affirmed |
| CVL |
Cert. #1169 |
| DRBG |
Cert. #1434 |
| HMAC |
Cert. #2960 |
| KTS |
AES Cert. #4461 and HMAC Cert. #2960; key establishment methodology provides between 128 and 256 bits of encryption strength |
| RSA |
Cert. #2437 |
| SHS |
Cert. #3673 |
Allowed Algorithms
Diffie-Hellman (CVL Cert. #1169, key agreement; key establishment methodology provides 112 bits of encryption strength); MD5; RSA (CVL Cert. #1169, key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength)
Firmware Versions
v5.6.0, build 6180,170928
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
