U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

Cryptographic Module Validation Program CMVP

Certificate #3913

Details

Module Name
FortiGate-61E/61F/81E/101E/101F and FortiWiFi-61E
Standard
FIPS 140-2
Status
Active
Sunset Date
5/2/2026
Overall Level
2
Caveat
When operated in FIPS mode and installed, initialized and configured as specified in the FIPS 140-2 Compliant Operation Section of the Security Policy with the tamper evident seals installed as indicated in the Security Policy. Authentication at level 3 is only applicable when identity-based authentication is enforced for the User role.
Security Level Exceptions
  • Roles, Services, and Authentication: Level 3
Module Type
Hardware
Embodiment
Multi-Chip Stand Alone
Description
The FortiGate-61E/61F/81E/101E/101F and FortiWiFi-61E are multiple chip, standalone cryptographic modules consisting of production grade components contained in a physically protected enclosure in accordance with FIPS 140-2 Level 2 requirements.
Tested Configuration(s)
  • N/A
FIPS Algorithms
AES Certs. #C1548, #C1549, #C1572, #C1574, #C1575, #C1576 and #C1798
CVL Certs. #C1572, #C1574, #C1575, #C1576 and #C1798
DRBG Certs. #C1571 and #C1573
ECDSA Certs. #C1572, #C1574, #C1575, #C1576 and #C1798
HMAC Certs. #C1572, #C1574, #C1575, #C1576 and #C1798
KTS AES Certs. #C1548 and #C1549 and HMAC Certs. #C1574 and #C1576; key establishment methodology provides 128 or 256 bits of encryption strength
KTS AES Certs. #C1574 and #C1576; key establishment methodology provides 128 or 256 bits of encryption strength
RSA Certs. #A1186, #A1187, #A1252, #A1293, #C1574, #C1576 and #C1798
SHS Certs. #A1186, #A1187, #C1572, #C1574, #C1575, #C1576 and #C1798
Allowed Algorithms
Diffie-Hellman (CVL Certs. #C1572, #C1574, #C1575 and #C1576, key agreement; key establishment methodology provides between 112 and 196 bits of encryption strength); EC Diffie-Hellman (CVL Certs. #C1572, #C1574, #C1575 and #C1576, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG
Hardware Versions
FortiGate-61E (C1AE14) [2] [4], FortiGate-61F (C1AJ23) [1] [3], FortiGate-81E (C1AE21) [2] [4], FortiGate-101E (C1AE27) [2] [4], FortiGate-101F (C1AJ44) [1] [5] and FortiWiFi-61E (C1AE18) [2] [4] with Tamper Evident Seal Kit: FIPS-SEAL-RED
Firmware Versions
FortiOS 6.0 build 5439 [1], FortiOS 6.0 build 5445 [2], FortiOS 6.2 build 5526 [3], FortiOS 6.2 build 5548 [4], FortiOS 6.2 build 5185 [5]

Vendor

Fortinet, Inc.
16 Fitzgerald Road
Ottawa, ON K2H 8R6
Canada

Alan Kaye
akaye@fortinet.com
Phone: 613-225-9381 x87416
Fax: 613-225-2951

Validation History

Date Type Lab
5/3/2021 Initial Lightship Security, Inc.
5/11/2022 Update Lightship Security, Inc.