U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

    Projects Cryptographic Module Validation Program Validated Modules Search

Cryptographic Module Validation Program CMVP

Certificate #3927

Details

Module Name
FortiGate-201E/301E/401E/501E/601E
Standard
FIPS 140-2
Status
Active
Sunset Date
5/16/2026
Overall Level
2
Caveat
When operated in FIPS mode and installed, initialized and configured as specified in the FIPS 140-2 Compliant Operation Section of the Security Policy with the tamper evident seals installed as indicated in the Security Policy. Authentication at level 3 is only applicable when identity-based authentication is enforced for the User role.
Security Level Exceptions
  • Roles, Services, and Authentication: Level 3
Module Type
Hardware
Embodiment
Multi-Chip Stand Alone
Description
The FortiGate-201E/301E/401E/501E/601E are multiple chip, standalone cryptographic modules consisting of production grade components contained in a physically protected enclosure in accordance with FIPS 140-2 Level 2 requirements.
Tested Configuration(s)
  • N/A
FIPS Algorithms
AES Certs. #C1548, #C1549, #C1572, #C1574, #C1575, #C1576 and #C1578
CVL Certs. #C1572, #C1574, #C1575, #C1576 and #C1578
DRBG Certs. #C1571 and #C1573
ECDSA Certs. #C1572, #C1574, #C1575, #C1576 and #C1578
HMAC Certs. #C1572, #C1574, #C1575, #C1576 and #C1578
KTS AES Certs. #C1548 and #C1549 and HMAC Certs. #C1574 and #C1576; key establishment methodology provides 128 or 256 bits of encryption strength
KTS AES Certs. #C1574 and #C1576; key establishment methodology provides 128 or 256 bits of encryption strength
RSA Certs. #A1186, #A1187, #A1252, #A1293, #C1574, #C1576 and #C1578
SHS Certs. #A1186, #A1187, #C1572, #C1574, #C1575, #C1576 and #C1578
Allowed Algorithms
Diffie-Hellman (CVL Certs. #C1572, #C1574, #C1575 and #C1576, key agreement; key establishment methodology provides between 112 and 196 bits of encryption strength); EC Diffie-Hellman (CVL Certs. #C1572, #C1574, #C1575 and #C1576, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG
Hardware Versions
FortiGate-201E (C1AE64), FortiGate-301E (C1AG46), FortiGate-401E (C1AH76), FortiGate-501E (C1AG44) and FortiGate-601E (C1AH71) with Tamper Evident Seal Kit: FIPS-SEAL-RED
Firmware Versions
FortiOS 6.0 build 5445 and FortiOS 6.2 build 5548

Vendor

Fortinet, Inc.
16 Fitzgerald Road
Ottawa, ON K2H 8R6
Canada

Alan Kaye
akaye@fortinet.com
Phone: 613-225-9381 x87416
Fax: 613-225-2951

Related Files

Security Policy
Consolidated Certificate

Validation History

Date Type Lab
5/17/2021 Initial Lightship Security, Inc.