Module Name
FortiGate-VM Virtual Appliances
Validation Dates
09/20/2019
Caveat
When operated in FIPS mode and configured according to the Entropy Token Section of the Security Policy. There is no assurance of the minimum strength of generated keys
Security Level Exceptions
- Cryptographic Module Ports and Interfaces: Level 3
- Roles, Services, and Authentication: Level 3
- Physical Security: N/A
- Design Assurance: Level 3
Embodiment
Multi-Chip Stand Alone
Description
The FortiGate-VM appliances are software modules designed to execute on a General Purpose Computer (GPC) hardware platform running the VMware hypervisor and FortiOS 5.4. The FortiOS provides integrated firewall, VPN, antivirus, antispam, intrusion prevention, content filtering and traffic shaping and HA capabilities.
Tested Configuration(s)
- FortiGate-VM on FortiHypervisor v1.1.0,build 0129 (single-user mode) running on FortiHypervisor-500D with Intel Xeon E3 processor with the Fortinet entropy token (part number FTR-ENT-1 or FTR-ENT-2)
FIPS Algorithms
| AES |
Certs. #5404 and #5405 |
| CKG |
vendor affirmed |
| CVL |
Certs. #1862, #1863, #1864 and #1865 |
| DRBG |
Cert. #2102 |
| ECDSA |
Certs. #1432 and #1433 |
| HMAC |
Certs. #3579 and #3580 |
| KTS |
AES Cert. #5404 and HMAC Cert. #3579; key establishment methodology provides 128 or 256 bits of encryption strength |
| RSA |
Cert. #2890 |
| SHS |
Certs. #4338 and #4339 |
Allowed Algorithms
Diffie-Hellman (CVL Certs. #1862 and #1864, key agreement; key establishment methodology provides between 112 and 200 bits of encryption strength); EC Diffie-Hellman (CVL Certs. #1862 and #1864, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); MD5; RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength)
Software Versions
FortiGate-VM 5.4, b3276, 171006
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
