Module Name
FortiGate-6301F/6501F
Validation Dates
05/19/2020
Caveat
When operated in FIPS mode and installed, initialized and configured as specified in the FIPS 140-2 Compliant Operation Section of the Security Policy with the tamper evident seals and entropy token installed as indicated in the Security Policy. No assurance of the minimum strength of generated keys
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Design Assurance: Level 3
Embodiment
Multi-Chip Stand Alone
Description
The FortiGate-6301F and FortiGate-6501F are multiple chip, standalone cryptographic modules consisting of production grade components contained in a physically protected enclosure in accordance with FIPS 140-2 Level 2 requirements.
FIPS Algorithms
| AES |
Certs. #C531, #C599 and #C644 |
| CVL |
Certs. #C531, #C599 and #C644 |
| DRBG |
Cert. #C613 |
| ECDSA |
Certs. #C531, #C599 and #C644 |
| HMAC |
Certs. #C531, #C599 and #C644 |
| KTS |
AES Cert. #C644 and HMAC Cert. #C644; key establishment methodology provides 128 or 256 bits of encryption strength |
| KTS |
AES Cert. #C644; key establishment methodology provides 128 or 256 bits of encryption strength |
| RSA |
Certs. #C531 and #C644 |
| SHS |
Certs. #C531, #C599 and #C644 |
Allowed Algorithms
Diffie-Hellman (CVL Certs. #C599 and #C644, key agreement; key establishment methodology provides between 112 and 196 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #C644, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); MD5; NDRNG; RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength)
Hardware Versions
C1AG85, C1AG83 with Tamper Evident Seal Kits: FIPS-SEAL-RED
Firmware Versions
FortiOS 5.6, build4265,190820
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
