Module Name
Panorama Virtual Appliance 9.0
Caveat
When operated in FIPS mode
Security Level Exceptions
- Roles, Services, and Authentication: Level 2
- Physical Security: N/A
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
Panorama Virtual Appliance 9.0 module provides centralized management and visibility of multiple Palo Alto Networks next-generation firewalls and supports distributed management and logging functions. It allows you to oversee all applications, users, and content traversing the network and then create application enablement policies that protect and control the entire network.
Tested Configuration(s)
- CentOS 7 - KVM on running on a Dell Power Edge R730 with Intel Xeon E5-2630 CPU
- Microsoft Hyper-V 2012 r2 running on a Dell PowerEdge R730 with Intel Xeon E5-2640 CPU (single user mode)
- VMware ESXi v6.5 running on a Dell PowerEdge R730 with Intel Xeon E5-2640 CPU
FIPS Algorithms
AES |
Cert. #C999 |
CKG |
vendor affirmed |
CVL |
Cert. #C999 |
DRBG |
Cert. #C999 |
DSA |
Cert. #C999 |
ECDSA |
Cert. #C999 |
HMAC |
Cert. #C999 |
KAS |
KAS-SSC Cert. #A2669 and CVL Cert. #C999 |
KAS-SSC |
Cert. #A2669 |
KTS |
AES Cert. #C999 and HMAC Cert. #C999; key establishment methodology provides between 128 and 256 bits of encryption strength |
KTS |
AES Cert. #C999; key establishment methodology provides 128 or 256 bits of encryption strength |
RSA |
Cert. #C999 |
SHS |
Cert. #C999 |
Allowed Algorithms
MD5; NDRNG; RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength)