U.S. flag   An unofficial archive of your favorite United States government website

Computer Security Resource Center

Computer Security Resource Center

This is an archive
(replace .gov by .rip)
    Projects Cryptographic Module Validation Program Validated Modules Search

Cryptographic Module Validation Program CMVP

Certificate #3833

Details

Module Name
FortiGate-1101E/2000E/2201E/2500E/3301E
Standard
FIPS 140-2
Status
Active
Sunset Date
3/2/2026
Validation Dates
03/03/2021
Overall Level
2
Caveat
When operated in FIPS mode and installed, initialized and configured as specified in the FIPS 140-2 Compliant Operation Section of the Security Policy with the tamper evident seals installed as indicated in the Security Policy. Authentication at level 3 is only applicable when identity-based authentication is enforced for the User role.
Security Level Exceptions
  • Roles, Services, and Authentication: Level 3
Module Type
Hardware
Embodiment
Multi-Chip Stand Alone
Description
The FortiGate-1101E, 2000E, 2201E, 2500E and 3301E are multiple chip, standalone cryptographic modules consisting of production grade components contained in a physically protected enclosure in accordance with FIPS 140-2 Level 2 requirements.
Tested Configuration(s)
  • N/A
FIPS Algorithms
AES Certs. #C1548, #C1549, #C1572, #C1574, #C1575, #C1576 and #C1578
CVL Certs. #C1572, #C1574, #C1575, #C1576 and #C1578
DRBG Certs. #C1571 and #C1573
ECDSA Certs. #C1572, #C1574, #C1575, #C1576 and #C1578
HMAC Certs. #C1572, #C1574, #C1575, #C1576 and #C1578
KTS AES Certs. #C1548 and #C1549 and HMAC Certs. #C1574 and #C1576; key establishment methodology provides 128 or 256 bits of encryption strength
KTS AES Certs. #C1574 and #C1576; key establishment methodology provides 128 or 256 bits of encryption strength
RSA Certs. #C1574, #C1576 and #C1578
SHS Certs. #C1572, #C1574, #C1575, #C1576 and #C1578
Allowed Algorithms
Diffie-Hellman (CVL Certs. #C1572, #C1574, #C1575 and #C1576, key agreement; key establishment methodology provides between 112 and 196 bits of encryption strength); EC Diffie-Hellman (CVL Certs. #C1572, #C1574, #C1575 and #C1576, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG
Hardware Versions
FortiGate-1101E (C1AJ13) [1], FortiGate-2201E (C1AH54) [2], FortiGate-3301E (C1AJ38) [2], FortiGate-2000E (C1AF49) [3] and FortiGate-2500E (C1AF51) [3] with Tamper Evident Seal Kit: FIPS-SEAL-RED
Firmware Versions
FortiOS 6.0 build 5441 and FortiOS 6.2 build 5525 [1], FortiOS 6.0 build 5440 and FortiOS 6.2 build 5611 [2], FortiOS 6.0 build 5445 and FortiOS 6.2 build 5548 [3]

Vendor

Fortinet, Inc.
16 Fitzgerald Road
Ottawa, ON K2H 8R6
Canada

Alan Kaye
akaye@fortinet.com
Phone: 613-225-9381 x87416
Fax: 613-225-2951

Related Files

Security Policy

Lab

Lightship Security, Inc.
NVLAP Code: 600207-0