Module Name
FireEye NX Series: NX-1500, NX-2500, NX-2550, NX-3500, NX-4500, NX-5500, NX-10450
Validation Dates
01/19/2018
Caveat
When operated in FIPS mode.
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Design Assurance: Level 3
Embodiment
Multi-Chip Stand Alone
Description
The FireEye Network Threat Prevention Platform identifies and blocks zero-day Web exploits, droppers (binaries), and multi-protocol callbacks to help organizations scale their advanced threat defenses across a range of deployments, from the multi-gigabit headquarters down to remote, branch, and mobile offices. FireEye Network with Intrusion Prevention System (IPS) technology further optimizes spend, substantially reduces false positives, and enables compliance while driving security across known and unknown threats.
FIPS Algorithms
AES |
Certs. #4761 |
CKG |
vendor affirmed |
CVL |
Certs. #1406 and 1407 |
DRBG |
Cert. #1638 |
DSA |
Cert. #1281 |
ECDSA |
Cert. #1193 |
HMAC |
Cert. #3172 |
KTS |
AES Cert. #4761 and HMAC Cert. #3172; key establishment methodology provides 128 or 256 bits of encryption strength |
KTS |
Triple-DES Cert. #2531 and HMAC Cert. #3172; key establishment methodology provides 112 bits of encryption strength |
RSA |
Certs. #2604 and 2605 |
SHS |
Certs. #3903 and 3904 |
Triple-DES |
Certs. #2531 |
Allowed Algorithms
Diffie-Hellman (CVL Cert. #1406 with CVL Cert. #1407, key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1406 with CVL Cert. #1407, key agreement; key establishment methodology provides 128 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength)
Hardware Versions
NX-1500, NX-2500, NX-2550, NX-3500, NX-4500, NX-5500, NX-10450