Certifications
Focus
Focus
Next-Generation Firewall

Certifications

Table of Contents

Certifications

Learn about the Common Criteria and Federal Information Processing Standards that are often required by civilian U.S. government agencies and government contractors.
Where Can I Use This?What Do I Need?
NGFW (Managed by PAN-OS or Panorama)
  • No prerequisites needed
The Common Criteria and the Federal Information Processing Standard 140-2 (FIPS 140-2) and 140-3 (FIPS 140-3) are security certifications that ensure a standard set of security assurances and functionalities. These certifications are often required by civilian U.S. government agencies and government contractors.
For details about product certifications and third-party validation, refer to the Certifications page. For details about pending cryptographic modules refer to the Cryptographic Module Validation Program and search for Palo Alto Networks.
You can enable FIPS-CC mode on a software version that supports Common Criteria and the Federal Information Processing Standards 140-2 (FIPS 140-2). When you enable FIPS-CC mode, all FIPS and CC functionality is included.
FIPS-CC mode is supported on all Palo Alto Networks next-generation firewalls and appliances—including VM-Series firewalls. To enable FIPS-CC mode, first boot the firewall into the Maintenance Recovery Tool (MRT) and then change the operational mode from normal mode to FIPS-CC mode. The procedure to change the operational mode is the same for all firewalls and appliances but the procedure to access the MRT varies.
When you enable FIPS-CC mode, the firewall will reset to the factory default settings; all configuration will be removed.