FireEye CM Series: CM4500, CM7500, CM9400, CM9500 - NIST


FireEye CM Series: CM4500, CM7500, CM9400, CM9500
FireEye, Inc.
FIPS 140-2 Non-Proprietary Security Policy
Document Version: 1.0

Prepared By:
Acumen Security
2400 Research Blvd, Suite 395
Rockville, MD 20850
www.acumensecurity.net

Table of Contents

1. Introduction
1.1 Purpose
1.2 Document Organization
1.3 Notices
2. FireEye CM Series: CM4500, CM7500, CM9400, CM9500
2.1 Cryptographic Module Specification
2.1.1 Cryptographic Boundary
2.2 Cryptographic Module Ports and Interfaces
2.3 Roles, Services, and Authentication
2.3.1 Authorized Roles
2.3.2 Authentication Mechanisms
2.3.3 Services
2.4 Physical Security
2.5 Cryptographic Key Management
2.6 Cryptographic Algorithm
2.6.1 FIPS-approved Algorithms
2.6.2 Non-Approved Algorithms Allowed for Use With FIPS-approved services
2.6.3 Non-Approved Algorithms Disallowed for Use With FIPS-approved services
2.7 Electromagnetic Interference / Electromagnetic Compatibility (EMI/EMC)
2.8 Self-Tests
2.8.1 Power-On Self-Tests
2.8.2 Conditional Self-Tests
2.8.3 Self-Tests Error Handling
2.9 Mitigation of Other Attacks
3. Secure Operation
3.1 Modes of Operation
3.2 Installation
3.3 Initialization
3.3.1 Default Authentication
3.3.2 Enable compliance configuration options
3.3.3 Enable FIPS 140-2 compliance
3.4 Management
3.4.1 SSH Usage
3.4.1.1 Symmetric Encryption Algorithms:
3.4.1.2 KEX Algorithms:
3.4.1.3 Message Authentication Code (MAC) Algorithms:
3.4.2 TLS Usage
3.4.3 SNMP Usage
3.5 Secure Delivery
3.6 Switching Modes of operation
3.7 Additional Information
Appendix A: Acronyms

1. Introduction

This is a non-proprietary FIPS 140-2 Security Policy for the FireEye CM Series: CM4500, CM7500, CM9400, CM9500. Below are the details of the product validated:

Hardware Version: CM4500, CM7500, CM9400, CM9500
Firmware Version #: 9.0.3
FIPS 140-2 Security Level: 1

1.1 Purpose

This document was prepared as Federal Information Processing Standard (FIPS) 140-2 validation evidence. The document describes how the FireEye CM Series: CM4500, CM7500, CM9400, CM9500 meets the security requirements of FIPS 140-2. It also provides instructions to individuals and organizations on how to deploy the product in a secure FIPS-approved mode of operation. Target audience of this document is anyone who wishes to use or integrate this product into a solution that is meant to comply with FIPS 140-2 requirements.

1.2 Document Organization

The Security Policy document is one document in a FIPS 140-2 Submission Package. In addition to this document, the Submission Package contains:

- Vendor Evidence document
- Finite State Machine
- Other supporting documentation as additional references

This Security Policy and the other validation submission documentation were produced by Acumen Security, LLC. under contract to FireEye, Inc. With the exception of this Non-Proprietary Security Policy, the FIPS 140-2 Submission Package is proprietary to FireEye, Inc. and is releasable only under appropriate non-disclosure agreements.

1.3 Notices

This document may be freely reproduced and distributed in its entirety without modification.

2. FireEye CM Series: CM4500, CM7500, CM9400, CM9500

The FireEye CM Series: CM4500, CM7500, CM9400, CM9500 (the module) is a multi-chip standalone module validated at FIPS 140-2 Security Level 1. Specifically, the module meets the following security levels for individual sections in the FIPS 140-2 standard:

Table 1 - Security Level for Each FIPS 140-2 Section

| # | Section Title | Security Level |
|---|---|---|
| 1 | Cryptographic Module Specification | 1 |
| 2 | Cryptographic Module Ports and Interfaces | 1 |
| 3 | Roles, Services, and Authentication | 3 |
| 4 | Finite State Model | 1 |
| 5 | Physical Security | 1 |
| 6 | Operational Environment | N/A |
| 7 | Cryptographic Key Management | 1 |
| 8 | EMI/EMC | 1 |
| 9 | Self-Tests | 1 |
| 10 | Design Assurances | 3 |
| 11 | Mitigation Of Other Attacks | N/A |

2.1 Cryptographic Module Specification

The FireEye CM series is a group of management platforms that consolidates the administration, reporting, and data sharing of the FireEye NX, EX, and VX series in one easy-to-deploy, network-based platform. Within the FireEye deployment, the FireEye CM enables real-time sharing of the auto-generated threat intelligence to identify and block advanced attacks targeting the organization. It also enables centralized configuration, management, and reporting of FireEye platforms.

2.1.1 Cryptographic Boundary

The cryptographic boundary for the module is defined as encompassing the "top," "front," "left," "right," and "bottom" surfaces of the case and all portions of the "backplane" of the case. The following figures provide a physical depiction of the cryptographic module.

Figure 1: FireEye CM4500 (Front Panel)

Figure 2: FireEye CM4500 (Front Panel (Chassis) without Bezel)
Figure 3: FireEye CM4500 (Rear Panel)
Figure 4: FireEye CM7500 (Front Panel)
Figure 5: FireEye CM7500 (Rear Panel)
Figure 6: FireEye CM9400 (Front Panel)
Figure 7: FireEye CM9400 (Rear Panel)
Figure 8: FireEye CM9500 (Front Panel)
Figure 9: FireEye CM9500 (Rear Panel)

2.2 Cryptographic Module Ports and Interfaces

The module provides a number of physical and logical interfaces to the device, and the physical interfaces provided by the module are mapped to four FIPS 140-2 defined logical interfaces: data input, data output, control input, and status output. The logical interfaces and their mapping are described in the following table:

Table 2 - Module Interface Mapping – CM4500/CM7500/CM9400/CM9500

FIPS Interface: Data Input
Physical Interface:
- 10/100/1000 BASE-T Management Ports (CM4500 (1x), CM7500 (1x), CM9400 (2x), CM9500 (1x))
- 10/100/1000 BASE-T Monitoring Ports (CM4500 (3x), CM7500 (3x), CM9400 (2x), CM9500 (3x))
- (1x) 100 BASE-T Management Port (IPMI)
- (1x) PS/2 Keyboard Port (CM9400)
- (1x) PS/2 Mouse Port (CM9400)
- (2x) USB 2.0 Ports
- (2x) USB 3.0 Ports (CM4500, CM7500, CM9500)
- (1x) Serial Port

FIPS Interface: Data Output
Physical Interface:
- 10/100/1000 BASE-T Management Ports (CM4500 (1x), CM7500 (1x), CM9400 (2x), CM9500 (1x))
- 10/100/1000 BASE-T Monitoring Ports (CM4500 (3x), CM7500 (3x), CM9400 (2x), CM9500 (3x))
- (1x) 100 BASE-T Management Port (IPMI)
- (1x) Video Port
- (2x) USB 2.0 Ports
- (2x) USB 3.0 Ports (CM4500, CM7500, CM9500)
- (1x) Serial Port

FIPS Interface: Control Input
Physical Interface:
- 10/100/1000 BASE-T Management Ports (CM4500 (1x), CM7500 (1x), CM9400 (2x), CM9500 (1x))
- (1x) 100 BASE-T Management Port (IPMI)
- (1x) PS/2 Keyboard Port (CM9400)
- (1x) PS/2 Mouse Port (CM9400)
- (2x) USB 2.0 Ports
- (2x) USB 3.0 Ports (CM4500, CM7500, CM9500)
- (1x) Serial Port
- (1x) Power Button
- (1x) Reset Button (CM4500, CM7500, CM9500)

FIPS Interface: Status Output
Physical Interface:
- 10/100/1000 BASE-T Management Ports (CM4500 (1x), CM7500 (1x), CM9400 (2x), CM9500 (1x))
- (1x) 100 BASE-T Management Port (IPMI)
- (1x) Video Port
- (2x) USB 2.0 Ports
- (2x) USB 3.0 Ports (CM4500, CM7500, CM9500)
- (1x) Serial Port
- LEDs (CM4500 (5x), CM7500 (5x), CM9400 (4x), CM9500 (5x))

FIPS Interface: Power Interface
Physical Interface:
- (2x) Power Ports

2.3 Roles, Services, and Authentication

The following sections provide details about roles supported by the module, how these roles are authenticated and the services the roles are authorized to access.

2.3.1 Authorized Roles

The module supports several different roles, including multiple Cryptographic Officer roles and a User role. The module does not support a maintenance role and/or bypass capability.

Configuration of the module can occur over several interfaces and at different levels depending upon the role assigned to the user. There are multiple types of Cryptographic Officers that may configure the module, as follows:

- Admin: The system administrator is a “super user” who has all capabilities. The primary function of this role is to configure the system.
- Monitor: The system monitor has read-only access to some things the admin role can change or configure.
- Operator: The system operator has a subset of the capabilities associated with the admin role. Its primary function is configuring and monitoring the system.
- Analyst: The system analyst focuses on data plane analysis and possesses several capabilities, including setting up alerts and reports.
- Auditor: The system auditor reviews audit logs and performs forensic analysis to trace how events occurred.
- SNMP: The SNMP role provides system monitoring through SNMPv3.
- WSAPI: The WSAPI role supports system administration via a TLS authenticated interface.

The Users of the module are the remote IT devices and remote management clients accessing the module via cryptographic protocols. These protocols include SSH, TLS, and SNMPv3.

Unauthenticated users are only able to access the module LEDs and power cycle the module.

2.3.2 Authentication Mechanisms

The module supports identity-based authentication. Module operators must authenticate to the module before being allowed access to services, which require the assumption of an authorized role. The module employs the authentication methods described in the table below to authenticate Crypto-Officers and Users.

Table 3 - Authentication Mechanism

Role: ...SAPI
Type Of Authentication: Password/Username
Authentication Strength:

All passwords must be between 8 and 32 characters. The passwords can consist of alphanumeric values, {a-z, A-Z, 0-9, and special characters}, the characters can thus be chosen from the 94 human readable ASCII characters on an American QWERTY computer keyboard. Thus, the probability of a successful random attempt is 1/94^8, which is less than 1 in 1,000,000. In the worst-case scenario, if (8) integers are used for an eight-digit password, the probability of randomly guessing the correct sequence is one (1) in 100,000,000 (this calculation is based on the assumption that the typical standard American QWERTY computer keyboard has 10 Integer digits. The calculation should be 10^8 = 100,000,000). Therefore, the associated probability of a successful random attempt is approximately 1 in 100,000,000, which again is less than 1 in 1,000,000 required by FIPS 140-2.

The module enforces a timed access mechanism as follows: For the first five failed attempts (assuming 0 time to process), no timed access is enforced. Upon the sixth attempt, the module enforces a 15 second delay. For the seventh and eighth attempts again, no timed access is enforced. Thereafter this cycle repeats, i.e., every third failed attempt, the module enforces a 15-second delay. This would allow the attacker to perform roughly 15 attempts per minute. The probability of a success with multiple consecutive attempts in a one-minute period is 15/(94^8) (or 15/(10^8) in the worst case), which is less than 1/1,000,000.

Role: User
Type Of Authentication: Password/Username or Asymmetric Authentication
Authentication Strength:

All passwords must be between 8 and 32 characters. The passwords can consist of alphanumeric values, {a-z, A-Z, 0-9, and special characters}, the characters can thus be chosen from the 94 human readable ASCII characters on an American QWERTY computer keyboard. Thus, the probability of a successful random attempt is 1/94^8, which is less than 1 in 1,000,000. In the worst-case scenario, if (8) integers are used for an eight-digit password, the probability of randomly guessing the correct sequence is one (1) in 100,000,000 (this calculation is based on the assumption that the typical standard American QWERTY computer keyboard has 10 Integer digits. The calculation should be 10^8 = 100,000,000). Therefore, the associated probability of a successful random attempt is approximately 1 in 100,000,000, which again is less than 1 in 1,000,000 required by FIPS 140-2.

The module enforces a timed access mechanism as follows: For the first five failed attempts (assuming 0 time to process), no timed access is enforced. Upon the sixth attempt, the module enforces a 15 second delay. For the seventh and eighth attempts again, no timed access is enforced. Thereafter this cycle repeats, i.e., every third failed attempt, the module enforces a 15-second delay. This would allow the attacker to perform roughly 15 attempts per minute. The probability of a success with multiple consecutive attempts in a one-minute period is 15/(94^8) (or 15/(10^8) in the worst case), which is less than 1/1,000,000.

When using RSA based authentication, RSA key pair has modulus size of 2048 bit, thus providing 112 bits of strength. Therefore, an attacker would have a 1 in 2^112 chance of randomly obtaining the key, which is much stronger than the one in a million chance, required by FIPS 140-2.

For RSA-based authentication, to exceed a 1 in 100,000 probability of a successful random key guess in one minute, an attacker would have to be capable of approximately 5.19x10^28 attempts per minute. In the worst-case scenario, an operator can make 60 failed attempts per minute.
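The throttling and guessing-probability argument in Table 3, worked through as an added example (it is not part of the Security Policy). It assumes attempts take zero time, that the 15-second delay is served after the 6th, 9th, 12th, ... failed attempt, and a one-minute window of [0, 60) seconds; all function names are illustrative.

```python
from fractions import Fraction

DELAY_SECONDS = 15   # delay stated in the policy
FIRST_DELAYED = 6    # the sixth failed attempt triggers the first delay
CYCLE = 3            # afterwards every third failed attempt is delayed

# Thresholds quoted in the policy text.
SINGLE_ATTEMPT_LIMIT = Fraction(1, 1_000_000)
ONE_MINUTE_LIMIT = Fraction(1, 100_000)


def triggers_delay(n):
    """True if failed attempt number n (1-based) is followed by the delay."""
    return n >= FIRST_DELAYED and (n - FIRST_DELAYED) % CYCLE == 0


def attempts_in_window(window_seconds=60):
    """Count the attempts that can be submitted in [0, window_seconds)."""
    clock, attempts = 0, 0
    while clock < window_seconds:
        attempts += 1
        if triggers_delay(attempts):   # assumption: delay follows this attempt
            clock += DELAY_SECONDS
    return attempts


def guess_probability(alphabet_size, length, attempts=1):
    """Exact chance that `attempts` distinct guesses hit one uniform secret."""
    return min(Fraction(1), Fraction(attempts, alphabet_size ** length))


def check_password_policy(alphabet_size, length=8):
    """Evaluate single-attempt and one-minute bounds for one password class."""
    per_minute = attempts_in_window(60)
    single = guess_probability(alphabet_size, length)
    minute = guess_probability(alphabet_size, length, per_minute)
    return {
        "attempts_per_minute": per_minute,
        "single": single,
        "minute": minute,
        "meets_single": single < SINGLE_ATTEMPT_LIMIT,
        "meets_minute": minute < ONE_MINUTE_LIMIT,
    }


def min_length_required(alphabet_size):
    """Shortest length at which both bounds still hold (shows the margin)."""
    length = 1
    while True:
        result = check_password_policy(alphabet_size, length)
        if result["meets_single"] and result["meets_minute"]:
            return length
        length += 1


def rsa_attempts_to_exceed(strength_bits=112):
    """Attempts per minute needed to reach a 1 in 100,000 chance."""
    return 2 ** strength_bits // ONE_MINUTE_LIMIT.denominator


if __name__ == "__main__":
    for label, size in (("94 printable ASCII", 94), ("digits only", 10)):
        r = check_password_policy(size)
        print(f"{label}: {r['attempts_per_minute']} attempts/min, "
              f"single={float(r['single']):.3e}, minute={float(r['minute']):.3e}, "
              f"ok={r['meets_single'] and r['meets_minute']}, "
              f"shortest compliant length={min_length_required(size)}")
    print(f"RSA-2048: {rsa_attempts_to_exceed():.3e} attempts/min required")
```

Read this way, the delay schedule reproduces the policy's figure of 15 attempts per minute, and the digits-only worst case at the 8-character minimum still clears both bounds.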

2.3.3 Services

The services that require operators to assume an authorized role (Crypto-Officer or User) are listed in the table below. Please note that the keys and Critical Security Parameters (CSPs) listed below use the following indicators to show the type of access required:

- R (Read): The CSP is read
- W (Write): The CSP is established, generated, modified, or zeroized
- Z (Zeroize): The CSP is zeroized

Table 4 - Services

Service: SSH to external IT device
Description: Secure SSH connection between a CM and other FireEye appliances using SSH.
Role: User

Service: Administrative access over SSH
Description: Secure remote command line appliance administration over an SSH tunnel.
Role: CO

Service: Administrative access over webGUI
Description: Secure remote GUI appliance administration over a TLS tunnel.
Role: CO

Service: Administrative access over WSAPI
Description: Secure remote appliance administration over a TLS tunnel.
Role: CO

Service: Administrative access over serial console and VGA
Description: Directly connected command line appliance administration.
Role: CO

Service: SNMPv3
Description: Secure remote SNMPv3-based system monitoring.
Role: CO

Service: DTI connection
Description: TLS-based connection used to upload data to the FireEye cloud.
Role: User

Service: LDAP over TLS
Description: Secure remote authentication via TLS protected LDAP
Role: User

Service: SAML over TLS (Web GUI)
Description: Secure remote authentication to the Web GUI via TLS protected SAML
Role: User

Service: Secure log transfer
Description: TLS-based connection with a remote audit server.
Role: User

Service: TLS to external IT device
Description: Secure connection between a CM and other FireEye appliances using TLS.
Role: User

Service: Show Status
Description: View the operational status of the module
Role: CO
Key/CSP and Type of Access: N/A

Service: Perform Self-Tests
Description: Perform the FIPS 140 start-up tests on demand
Role: CO
Key/CSP and Type of Access: N/A

Service: Status LED Output
Description: View status via the Modules LEDs.
Role: Unauth
Key/CSP and Type of Access: N/A

Service: Cycle Power
Description: Reboot of appliance.
Role: Unauth

Service: Zeroization
Description: Perform zeroization of all persistent CSPs within the module
Role: CO

Key/CSP and Type of Access column for the services from SSH to external IT device through TLS to external IT device, in the order the entries appear:

DRBG entropy input (W/R), DRBG Seed (W/R), DRBG V (R/W/Z), DRBG Key (R/W/Z), Diffie-Hellman Shared Secret (R/W/Z), Diffie Hellman private key (R/W/Z), Diffie Hellman public key (R/W/Z), SSH Private Key (R/W/Z), SSH Public Key (R/W/Z), SSH Session Key (R/W/Z), SSH Integrity Key (R/W/Z), Admin Password (R/W/Z), Monitor Password (R/W/Z), Operator Password (R/W/Z), Analyst Password (R/W/Z), Auditor Password (R/W/Z)

DRBG entropy input (W/R), DRBG Seed (W/R), DRBG V (R/W/Z), DRBG Key (R/W/Z), Diffie-Hellman Shared Secret (R/W/Z), Diffie Hellman private key (R/W/Z), Diffie Hellman public key (R/W/Z), SSH Private Key (R/W/Z), SSH Public Key (R/W/Z), SSH Session Key (R/W/Z), SSH Integrity Key (R/W/Z), Admin Password (R/W/Z), Monitor Password (R/W/Z), Operator Password (R/W/Z), Analyst Password (R/W/Z), Auditor Password (R/W/Z)

DRBG entropy input (W/R), DRBG Seed (W/R), DRBG V (R/W/Z), DRBG Key (R/W/Z), Diffie-Hellman Shared Secret (R/W/Z), Diffie Hellman private key (R/W/Z), Diffie Hellman public key (R/W/Z), TLS Private Key (R/W/Z), TLS Public Key (R/W/Z), TLS Pre-Master Secret (R/W/Z), TLS Master Secret (R/W/Z), TLS Session Encryption Key (R/W/Z), TLS Session Integrity Key (R/W/Z), WSAPI Password (R/W/Z)

DRBG entropy input (W/R), DRBG Seed (W/R), DRBG V (R/W/Z), DRBG Key (R/W/Z), Diffie-Hellman Shared Secret (R/W/Z), Diffie Hellman private key (R/W/Z), Diffie Hellman public key (R/W/Z), TLS Private Key (R/W/Z), TLS Public Key (R/W/Z), TLS Pre-Master Secret (R/W/Z), TLS Master Secret (R/W/Z), TLS Session Encryption Key (R/W/Z), TLS Session Integrity Key (R/W/Z), Admin Password (R/W/Z), Monitor Password (R/W/Z), Operator Password (R/W/Z), Analyst Password (R/W/Z), Auditor Password (R/W/Z)

SNMP Session Key (R/W/Z), SNMPv3 password (R/W/Z)

DRBG entropy input (W/R), DRBG Seed (W/R), DRBG V (R/W/Z), DRBG Key (R/W/Z), Diffie-Hellman Shared Secret (R/W/Z), Diffie Hellman private key (R/W/Z), Diffie Hellman public key (R/W/Z), TLS Private Key (R/W/Z), TLS Public Key (R/W/Z), TLS Pre-Master Secret (R/W/Z), TLS Master Secret (R/W/Z), TLS Session Encryption Key (R/W/Z), TLS Session Integrity Key (R/W/Z), Admin Password (R/W/Z), Monitor Password (R/W/Z), Operator Password (R/W/Z), Analyst Password (R/W/Z), Auditor Password (R/W/Z)

DRBG entropy input (W/R), DRBG Seed (W/R), DRBG V (R/W/Z), DRBG Key (R/W/Z), Diffie-Hellman Shared Secret (R/W/Z), Diffie Hellman private key (R/W/Z), Diffie Hellman public key (R/W/Z), TLS Private Key (R/W/Z), TLS Public Key (R/W/Z), TLS Pre-Master Secret (R/W/Z), TLS Master Secret (R/W/Z), TLS Session Encryption Key (R/W/Z), TLS Session Integrity Key (R/W/Z), Admin Password (R/W/Z), Monitor Password (R/W/Z), Operator Password (R/W/Z), Analyst Password (R/W/Z), Auditor Password (R/W/Z)

DRBG entropy input (W/R), DRBG Seed (W/R), DRBG V (R/W/Z), DRBG Key (R/W/Z), Diffie-Hellman Shared Secret (R/W/Z), Diffie Hellman private key (R/W/Z), Diffie Hellman public key (R/W/Z), TLS Private Key (R/W/Z), TLS Public Key (R/W/Z), TLS Pre-Master Secret (R/W/Z), TLS Master Secret (R/W/Z), TLS Session Encryption Key (R/W/Z), TLS Session Integrity Key (R/W/Z)

DRBG entropy input (W/R), DRBG Seed (W/R), DRBG V (R/W/Z), DRBG Key (R/W/Z), Diffie-Hellman Shared Secret (R/W/Z), Diffie Hellman private key (R/W/Z), Diffie Hellman public key (R/W/Z), TLS Private Key (R/W/Z), TLS Public Key (R/W/Z), TLS Pre-Master Secret (R/W/Z), TLS Master Secret (R/W/Z), TLS Session Encryption Key (R/W/Z), TLS Session Integrity Key (R/W/Z)

DRBG entropy input (W/R), DRBG Seed (W/R), DRBG V (R/W/Z), DRBG Key (R/W/Z), Diffie-Hellman Shared Secret (R/W/Z), Diffie Hellman private key (R/W/Z), Diffie Hellman public key (R/W/Z), TLS Private Key (R/W/Z), TLS Public Key (R/W/Z), TLS Pre-Master Secret (R/W/Z), TLS Master Secret (R/W/Z), TLS Session Encryption Key (R/W/Z)

Key/CSP and Type of Access column for Cycle Power and Zeroization, in the order the entries appear:

DRBG entropy input (Z), DRBG Seed (Z), DRBG V (Z), DRBG Key (Z), Diffie-Hellman Shared Secret (Z), Diffie Hellman private key (Z), Diffie Hellman public key (Z), SSH Session Key (Z), SSH Integrity Key (Z), SNMPv3 session key (Z), TLS Pre-Master Secret (Z), TLS Master Secret (Z), TLS Session Encryption Key (Z), TLS Session Integrity Key (Z), Admin Password (Z), Monitor Password (Z), Operator Password (Z), Analyst Password (Z), Auditor Password (Z), WSAPI Password (Z), SSH Private Key (Z), SSH Public Key (Z), SNMPv3 password (Z), TLS Private Key (Z), TLS Public Key (Z)

R – Read, W – Write, Z – Zeroize

2.4 Physical Security

The modules are production grade multi-chip standalone cryptographic modules that meet Level 1 physical security requirements.

2.5 Cryptographic Key Management

The following table identifies each of the CSPs associated with the module. For each CSP, the following information is provided:

- The name of the CSP/Key
- The type of CSP and associated length
- A description of the CSP/Key
- Storage of the CSP/Key
- The zeroization for the CSP/Key

Table 5 - Details of Cryptographic Keys and CSPs

| Key/CSP | Type | Description | Storage | Zeroization |
|---|---|---|---|---|
| DRBG entropy input | CTR 256-bit, HMAC SHA-512 | This is the entropy for SP 800-90 RNG. | DRAM | Device power cycle. |
| DRBG Seed | CTR 256-bit, HMAC SHA-512 | Seed material used to seed or reseed the DRBG. | DRAM | Device power cycle. |
| DRBG V | CTR 256-bit, HMAC SHA-512 | Internal V value used as part of SP800-90 CTR DRBG, HMAC DRBG. | DRAM | Device power cycle. |
| DRBG Key | CTR 256-bit, HMAC SHA-512 | Internal Key value used as part of SP800-90 CTR DRBG, HMAC DRBG. | DRAM | Device power cycle. |
| Diffie-Hellman Shared Secret | DH 2048 – 4096 bits | The shared exponent used in Diffie-Hellman (DH) exchange. Created per the Diffie-Hellman protocol. | DRAM | Device power cycle. |
| Diffie Hellman private key | DH (DSA) 2048 – 4096 bits | The private exponent used in Diffie-Hellman (DH) exchange. | DRAM | Device power cycle. |
| Diffie Hellman public key | DH 2048 – 4096 bits | The p used in Diffie-Hellman (DH) exchange. | DRAM | Device power cycle. |
| EC Diffie-Hellman Shared Secret | ECDH P-256, P-384, P-521 | The shared secret used in the EC Diffie-Hellman (ECDH) exchange. | DRAM | Device power cycle. |
| EC Diffie Hellman private key | ECDH P-256, P-384, P-521 | The private key used in EC Diffie-Hellman (DH) exchange. | DRAM | Device power cycle. |
| EC Diffie Hellman public key | ECDH P-256, P-384, P-521 | The public key used in EC Diffie-Hellman (DH) exchange. | DRAM | Device power cycle. |
| SSH Private Key | RSA (Private Key) 2048 – 3072 bits | The SSH private key for the module used for session authentication. | NVRAM | Overwritten w/ “00” prior to replacement. |
| SSH Public Key | RSA (Public Key) 2048 – 3072 bits | The SSH public key for the module used for session authentication. | NVRAM | Overwritten w/ “00” prior to replacement. |
| SSH Session Key | AES 128, 256 bits | The SSH session key. This key is created through SSH key establishment. | DRAM | Device power cycle. |
| SSH Integrity Key | HMAC-SHA1, HMAC-SHA-256, HMAC-512 | The SSH data integrity key. This key is created through SSH key establishment. | DRAM | Device power cycle. |
| SNMPv3 password | Shared Secret, at least eight characters | This secret is used to derive HMAC-SHA1 key for SNMPv3 Authentication. | NVRAM | Overwritten w/ “00” prior to replacement. |
| SNMPv3 session key | AES 128 bits | SNMP symmetric encryption key used to encrypt/decrypt SNMP traffic. | DRAM | Device power cycle. |
| TLS Private Key | RSA (Private Key) 2048 – 3072 bits; ECDSA (Private Key) P-256 P-384 P-521 | This private key is used for TLS session authentication. | NVRAM | Overwritten w/ “00” prior to replacement. |
| TLS Public Key | RSA (Public Key) 2048 – 3072 bits; ECDSA (Public Key) P-256 P-384 P-521 | This public key is used for TLS session authentication. | NVRAM | Overwritten w/ “00” prior to replacement. |
| TLS Pre-Master Secret | Shared Secret, 384 bits | Shared Secret created using asymmetric cryptography from which the TLS Master Secret can be derived. | DRAM | Device power cycle. |
| TLS Master Secret | Shared Secret, 384 bits | Shared Secret created using the TLS Pre-Master Secret from which new TLS session keys can be created. | DRAM | Device power cycle. |
| TLS Session Encryption Key | Triple-DES 192-bits; AES 128, 256 bits | Key used to encrypt/decrypt TLS session data. | DRAM | Device power cycle. |
| TLS Session Integrity Key | HMAC-SHA1, HMAC-SHA256, HMAC-SHA384 | HMAC-SHA used for TLS data integrity protection. | DRAM | Device power cycle. |
| Admin Password | Shared Secret, 8 characters | Authentication password for the Admin user role. | NVRAM | Overwritten w/ “00” prior to replacement. |
| Monitor Password | Shared Secret, 8 characters | Authentication password for the Monitor user role. | NVRAM | Overwritten w/ “00” prior to replacement. |
| Operator Password | Shared Secret, 8 characters | Authentication password for the Operator user role. | NVRAM | Overwritten w/ “00” prior to replacement. |
| Analyst Password | Shared Secret, 8 characters | Authentication password for the Analyst user role. | NVRAM | Overwritten w/ “00” prior to replacement. |
| Auditor Password | Shared Secret, 8 characters | Authentication password for the Audit user role. | NVRAM | Overwritten w/ “00” prior to replacement. |
| WSAPI Password | Shared Secret, 8 characters | Authentication password for the WSAPI user role. | NVRAM | Overwritten w/ “00” prior to replacement. |

2.6 Cryptographic Algorithm

2.6.1 FIPS-approved Algorithms

The following table identifies the FIPS-approved algorithms included in the module for use in the FIPS mode of operation.

Table 6 – FIPS-approved Algorithms

Algorithm: TripleDES [1]
CAVP Cert. #: C1720
Options: TECB(KO 1 e/d), TCBC(KO 1 e/d). KTS 112-bits (paired with HMAC Cert. #C1720). Per SP800-67 rev2, the user is responsible for ensuring the module’s limit to 2^20 encryptions with the same Triple-DES key while being used in the TLS protocol.
Usage: Used for encryption of TLS sessions.
Options: TCFB1(KO 1 e/d); TCFB8(KO 1 e/d); TCFB64(KO 1 e/d); TOFB(KO 1 e/d)
Usage: Implemented within the module however never used by any service

Algorithm: AES
CAVP Cert. #: C1720
Options: ECB (e/d 128, 256); CBC (e/d 128, 256); OFB (e/d 128); CTR (ext only; 128, 256). GCM [2] (KS: AES 128 (e/d) Tag Length(s): 128 120 112 104 96 64 32) (KS: AES 256 (e/d) Tag Length(s): 128 120 112 104 96 64 32). IV Generated: (Internal (using Section 8.2.1)); PT Lengths Tested: (0, 1024); AAD Lengths tested: (1024); 96BitIV Supported; GMAC Supported
Usage: Used for encryption of SSH, SNMP, and TLS sessions. Used in support of FIPS approved DRBG.

[1] The operator shall ensure that the number of 64-bit blocks encryp
