Module Name
GlobalProtect App
Historical Reason
SP 800-56Arev3 transition
Caveat
When installed, initialized and configured as specified in the Security Policy and operated in FIPS mode
Security Level Exceptions
- Physical Security: N/A
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The GlobalProtect App is a software cryptographic module that runs on commerically available operating systems and provides security for mobile users. The GlobalProtect App secures traffic using TLS or IPsec, and allows users to connect to corporate networks to access a company's resources from anywhere in the world (e.g., when users are remote).
Tested Configuration(s)
- macOS Mojave 10.14 running on an Apple Macbook Pro with Intel Core i5 with PAA
- macOS Mojave 10.14 running on an Apple Macbook Pro with Intel Core i5 without PAA (single-user mode)
- Microsoft Windows 10 Enterprise running on a Dell Precision 5520 with Intel Core i7 with PAA
- Microsoft Windows 10 Enterprise running on a Dell Precision 5520 with Intel Core i7 without PAA
FIPS Algorithms
AES |
Cert. #C1544 |
CVL |
Cert. #C1544 |
DRBG |
Cert. #C1544 |
ECDSA |
Cert. #C1544 |
HMAC |
Cert. #C1544 |
KAS |
Cert. #C1544 |
KTS |
AES Cert. #C1544 and HMAC Cert. #C1544; key establishment methodology provides 128 or 256 bits of encryption strength |
KTS |
AES Cert. #C1544; key establishment methodology provides 128 or 256 bits of encryption strength |
RSA |
Cert. #C1544 |
SHS |
Cert. #C1544 |