CMVP Main Page

It is important to note that the items on this list are cryptographic modules. A module may either be an embedded component of a product or application, or a complete product in-and-of-itself. If the cryptographic module is a component of a larger product or application, one should contact the product or application vendor in order to determine how the product utilizes the embedded validated cryptographic module. There may be a larger number of security products or applications available which use an embedded validated cryptographic module, than the number of modules which are found in this list. In addition, other vendors, who are not found in this list, may incorporate a validated cryptographic module from this list embedded into their own products.

When selecting a module from a vendor, verify that the module is either the product or application itself (e.g. VPN, SmartCard, USB memory token, etc.) or the module is embedded in a larger product or application (e.g. toolkit, etc.). If the module is embedded in a product or application, ask the product or application vendor to provide a signed letter or statement affirming that the unmodified validated cryptographic module is integrated in the solution; the module provides all the cryptographic services in the solution; and provide reference to the modules validation certificate number from this listing.

*** NOTE: Module descriptions are provided by the module vendors and have not been verified for accuracy by the CMVP. The descriptions do not imply endorsement by the U.S. or Canadian Governments or NIST. Additionally, the descriptions may not necessarily reflect the capabilities of the modules when operated in the FIPS-Approved mode. The algorithms, protocols, and cryptographic functions listed as "other algorithms" (e.g. allowed or non-FIPS-Approved algorithms) have not been validated or tested through the CMVP. ***

Questions regarding modules on this list should first be directed to the module vendor.

Please contact the CMVP if any errors are discovered or comments with suggestions for improvement of the validation listings.

Cert#	Vendor / CST Lab	Cryptographic Module	Module Type	Val. Date	Level / Description
1941	IBM Internet Security Systems, Inc. 6303 Barfield Road Atlanta, GA 30328 USA -Scott Sinsel TEL: 404-236-2722 FAX: 404-236-2632 CST Lab: NVLAP 200416-0	Proventia GX Series Security Appliances (Hardware Versions: GX7800 and GX7412; with FIPS-LABELS: FIPS 140 tamper evidence labels; Firmware Version: 4.3) (When operated in FIPS mode when installed with Firmware v4.3 and with the tamper evidence seals installed as indicated in the Security Policy. No assurance of module integrity when operating in non-FIPS mode.) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	04/30/2013	Overall Level: 2  -FIPS-approved algorithms: AES (Cert. #2006); HMAC (Cert. #1211); RNG (Cert. #1049); RSA (Cert. #1035); SHS (Cert. #1756) -Other algorithms: RSA (key agreement; key establishment methodology provides 96 bits of encryption strength) Multi-chip standalone "The IBM Proventia Network Intrusion Prevention System (IPS) stops Internet threats before they impact your business and delivers protection to all three layers of the network: core, perimeter and remote segments. Preemptive protection, or protection that works ahead of the threat, is available from IBM Internet Security Systems through its proprietary combination of line-speed performance, security intelligence and a modular protection engine that enables security convergence."
1940	Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA -Global Certification Team CST Lab: NVLAP 200427-0	IOS Common Cryptographic Module (IC2M) (Firmware Versions: Rel 1(1.0.0), Rel 1(1.0.1) and Rel 1(1.0.2)) (When operated in FIPS mode) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Firmware	04/30/2013	Overall Level: 1  -Tested: Cisco Catalyst 2960 with IOS 15.0SE; Cisco 3925 ISR with IOS 15.2; Cisco 2811 ISR with IOS 15.2 -FIPS-approved algorithms: AES (Certs. #2134 and #2136); CVL (Cert. #30); DRBG (Cert. #237); ECDSA (Cert. #322); HMAC (Cert. #1304); RSA (Cert. #1100); SHS (Certs. #1858 and #1859); Triple-DES (Certs. #1358, #1359 and #1360) -Other algorithms: DES; HMAC-MD5; MD2; MD5; RC2; RC4; SEAL; Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 256 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 80 and 112 bits of encryption strength) Multi-chip standalone "The IC2M module provides the FIPS validated cryptographic algorithms for services requiring those algorithms. The module does not implement any protocols directly. Instead, it provides the cryptographic primitives and functions to allow IOS to implement those various protocols."
1939	Chunghwa Telecom Co., Ltd. 12, Lane 551, Min-Tsu Road SEC.5 Yang-Mei Taoyuan, Taiwan 326 Republic of China -Yeou-Fuh Kuan TEL: +886-3-424-4333 FAX: +886-3-424-4129 -Char-Shin Miou TEL: +886 3 424 4381 FAX: +886-3-424-4129 CST Lab: NVLAP 200928-0	HiCOS PKI Native Smart Card (Hardware Versions: HD65255C1 and HD65257C1; Firmware Versions: HardMask: 2.1 and SoftMask: 1.0) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	04/30/2013	Overall Level: 2  -Cryptographic Module Ports and Interfaces: Level 3 -Roles, Services, and Authentication: Level 3 -Physical Security: Level 3 -EMI/EMC: Level 3 -Design Assurance: Level 3 -FIPS-approved algorithms: Triple-DES (Cert. #1219); Triple-DES MAC (Triple-DES Cert. #1219, vendor affirmed); SHS (Cert. #1649); RSA (Cert. #957); DRBG (Cert. #155) -Other algorithms: N/A Single-chip "The HiCOS PKI native smart card module is a single chip implementation of a cryptographic module. The HiCOS PKI native smart card module is mounted in an ID-1 class smart card body that adheres to ISO/IEC specifications for Integrated Circuit Chip (ICC) based identification cards. The module consists of the chip (ICC), the contact faceplate, and the electronic connectors between the chip and contact pad, all contained within an epoxy substrate."
1938	SafeLogic, Inc. 530 Lytton Avenue Suite 200 Palo Alto, CA USA -SafeLogic Inside Sales CST Lab: NVLAP 200556-0	CryptoComply™ | Mobile (Software Version: 2.1) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate Vendor Product Link	Software	04/30/2013	Overall Level: 1  -Design Assurance: Level 3 -Operational Environment: Tested as meeting Level 1 with Android 4.0 running on a Galaxy Nexus; iOS 5.1 running on a iPad 3; iOS 6 running on a iPad 3 (single-user mode) -FIPS-approved algorithms: AES (Certs. #2125 and #2126); HMAC (Certs. #1296 and #1297); DSA (Certs. #666 and #667); ECDSA (Certs. #319 and #320); RSA (Certs. #1094 and #1095); SHS (Certs. #1849 and #1850); Triple-DES (Certs. #1351 and #1352); DRBG (Certs. #233 and #234); CVL (Certs. #28 and #29); RNG (Certs. #1091 and #1092) -Other algorithms: RSA (key wrapping; key establishment methodology provides between 80 and 256 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 256 bits of encryption strength); Multi-chip standalone "CryptoComply™ | Mobile is a standards-based "Drop-in Compliance" cryptographic engine for mobile devices. The module delivers core cryptographic functions to mobile platforms and features robust algorithm support, including Suite B algorithms. CryptoComply™ | Mobile offloads functions for secure key management, data integrity, data at rest encryption, and secure communications to a trusted implementation."
1937	Symantec Corporation 350 Ellis Street Mountain View, CA 94043 USA -John Roberts TEL: 415-738-2810 CST Lab: NVLAP 200556-0	Symantec App Center Cryptographic Module (Software Version: 1.0) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Software	04/30/2013	Overall Level: 1  -Design Assurance: Level 3 -Operational Environment: Tested as meeting Level 1 with Android 4.0 running on a Galaxy Nexus; iOS 5.1 running on a iPad 3; iOS 6 running on a iPad 3 (single-user mode) -FIPS-approved algorithms: AES (Certs. #2125 and #2126); HMAC (Certs. #1296 and #1297); DSA (Certs. #666 and #667); ECDSA (Certs. #319 and #320); RSA (Certs. #1094 and #1095); SHS (Certs. #1849 and #1850); Triple-DES (Certs. #1351 and #1352); DRBG (Certs. #233 and #234); CVL (Certs. #28 and #29); RNG (Certs. #1091 and #1092) -Other algorithms: RSA (key wrapping; key establishment methodology provides between 80 and 256 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 256 bits of encryption strength); Multi-chip standalone "The Symantec App Center Cryptographic Module Version 1.0 provides cryptographic functions for Symantec App Center, a scalable solution for deploying and managing native and web apps on corporate-liable and employee-owned mobile devices."
1936	Mxtran Inc. 9F, No.16, Li-Hsin Road, Science Park Hsin-chu, 300 Taiwan, R.O.C. -C.W. Pang TEL: +886-3-6661778#29300 FAX: +886-3-6662568 CST Lab: NVLAP 200824-0	Mxtran Payeeton Solution (Hardware Version: MX12E320128E; Firmware Version: Simker v3.20) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate Vendor Product Link	Hardware	04/24/2013	Overall Level: 3  -FIPS-approved algorithms: AES (Cert. #1691); ECDSA (Cert. #340); HMAC (Cert. #1339); RNG (Cert. #1107); RSA (Cert. #1127); SHS (Cert. #1479); Triple-DES (Cert. #1091) -Other algorithms: Triple-DES (Cert. #1091, key wrapping; key establishment methodology provides 112 bits of encryption strength) Single-chip "Mxtran Payeeton Solution of Mxtran Inc. acts as a flexible platform for diversified mobile commerce services, allowing Mxtran clients to support both proximity payment and mobile payment via Short Message Service for prepaid, online paid and post-paid services including e-ticketing, e-coupons, access control, membership management and more. Mxtran leverages extensive integrated circuit expertise to deliver highly customizable, portable applications and payment services in a single handset."
1935	Cisco Systems, Inc. 170 West Tasman Drive, San Jose, CA 95134 USA -Global Certification Team CST Lab: NVLAP 200427-0	Cisco 5915 Embedded Services Routers (Hardware Versions: Cisco 5915 ESR air-cooled card and Cisco 5915 ESR conduction-cooled card; Firmware Version: 1.0) (When operated in FIPS mode) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	04/18/2013	Overall Level: 1  -Design Assurance: Level 2 -FIPS-approved algorithms: AES (Certs. #962, #1535 and #2031); DRBG (Cert. #196); HMAC (Certs. #537 and #1232); RSA (Cert. #1055); SHS (Certs. #933 and #1779); Triple-DES (Certs. #757 and #1310) -Other algorithms: DES; DES MAC; HMAC MD4; HMAC MD5; MD4; MD5; RC4; Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 80 and 112 bits of encryption strength); GDOI (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength) Multi-chip embedded "The Cisco 5915 ESR is a high-performance, ruggedized router designed for use in harsh environments-offering reliable operation in extreme temperatures and under shock and vibration conditions typical for mobile applications in rugged terrain. With onboard hardware encryption, the Cisco 5915 ESR offloads encryption processing from the routing engine to provide highly secure yet scalable video, voice, and data services for mobile and embedded outdoor networks."
1934	VT iDirect, Inc. 13865 Sunrise Valley Drive Suite 100 Herndon, VA 20171 USA -Paul Harr TEL: 703-648-8225 FAX: 703-648-8088 CST Lab: NVLAP 200556-0	Evolution e8350™ - FIPSL2 Satellite Router [1], iConnex e800™ - FIPSL2 Satellite Router Board [2], iConnex e850MP™ - FIPSL2 Satellite Router Board [3], Evolution eM1D1™ - FIPSL2 Line Card [4] and Evolution eM0DM™ - FIPSL2 Line Card [5] (Hardware Versions: Part #E0000051-0005 [1]; Part #E0001340-0001 [2]; Part #E0000731-0004 [3]; Part #E0001306-0001 [4]; Part #E0001306-0002 [5]; Firmware Version: iDX version 2.3.1) (When operated in FIPS mode) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	04/18/2013	Overall Level: 1  -Physical Security: Level 2 -FIPS-approved algorithms: AES (Certs. #1944 and #1945); SHS (Cert. #1709); RNG (Cert. #1024); RSA (Cert. #1007); HMAC (Cert. #1173) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides 80 bits of encryption strength); RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength); PBKDF (non-compliant) Multi-chip embedded "iDirect's AES-based bidirectional TRANSEC, combined with other system features such as cutting-edge coding techniques, acceleration and compression provides a fully integrated IP networking solution where security, performance and bandwidth efficiency are critical"
1933	Red Hat®, Inc. 314 Littleton Road Westford, MA 01886 USA -Ann-Marie Rubin TEL: 978-392-1000 FAX: 978-392-1001 CST Lab: NVLAP 200658-0	Red Hat Enterprise Linux 6.2 dm-crypt Cryptographic Module (Software Version: 2.0) (When operated in FIPS mode with Red Hat Enterprise Linux 6.2 OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #1758, Red Hat Enterprise Linux 6.2 Kernel Crypto API Cryptographic Module validated to FIPS 140-2 under Cert. #1901, Red Hat Enterprise Linux 6.2 Libgcrypt Cryptographic Module validated to FIPS 140-2 under Cert. #1757 and NSS Cryptographic Module validated to FIPS 140-2 under Cert. #1837, each module shall be obtained, installed, and initialized as specified in Section 9.1 of the provided Security Policy. Section 1 of the provided Security Policies specifies the precise RPM file containing each module. The integrity of the RPM is automatically verified during the installation and the Crypto officer shall not install the RPM file if the RPM tool indicates an integrity error. Any deviation from the specified verification, installation and initialization procedures will result in a non FIPS 140-2 compliant module) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Software	04/15/2013	Overall Level: 1  -Operational Environment: Tested as meeting Level 1 with Red Hat Enterprise Linux 6.2 without AES-NI running on HP ProLiant DL585; Red Hat Enterprise Linux 6.2 with AES-NI running on IBM HS22; Red Hat Enterprise Linux 6.2 without AES-NI running on IBM HS22 (single-user mode) -FIPS-approved algorithms: AES (Certs. #1968, #1969, #1970, #1971 and #1972); Triple-DES (Certs. #1278 and #1279); SHS (Certs. #1657, #1658, #1659, #1660, #1661, #1662, #1663, #1664, #1725, #1726, #1741 and #1742); HMAC (Certs. #1128, #1129, #1130, #1131, #1132, #1133, #1134, #1135, #1199 and #1200); RNG (Certs. #988, #991, #992 and #993); DSA (Certs. #628, #629, #634 and #635); PBKDF (vendor affirmed) -Other algorithms: DES; AES-CTR (non-compliant); AES-XTS (non-compliant); AES-CBC (non-compliant) Multi-chip standalone "Device-mapper is an infrastructure in the Linux kernel that provides a generic way to create virtual layers of block devices on top of real block devices. dm-crypt is a device-mapper target that provides transparent encryption of block devices using the Kernel Crypto API shipped with RHEL 6.2. The user can specify one of the symmetric ciphers, a key (of any allowed size), an IV generation mode which allows the user to create a new block device in /dev. Writes to this device will be encrypted and reads decrypted transparent to the user."
1932	Cisco Systems, Inc. 170 West Tasman Dr. San Jose, CA 95134 USA -Global Certification Team CST Lab: NVLAP 200427-0	Cisco ASA 5505, ASA 5510, ASA 5520, ASA 5540, ASA 5550, ASA 5580-20, ASA 5580-40, ASA 5585-X SSP-10, 5585-X SSP-20, 5585-X SSP-40 and 5585-X SSP-60 Security Appliances (Hardware Versions: 5505 [1, 2], 5510 [1], 5520 [1], 5540 [1], 5550 [1], 5580-20 [3], 5580-40 [3], 5585-X SSP-10 [4], 5585-X SSP-20 [4], 5585-X SSP-40 [4], 5585-X SSP-60 [4] with [FIPS Kit (DS-FIPS-KIT= Rev -BO)] [1], [ASA 5505 FIPS Kit (ASA5505-FIPS-KIT Rev-A0)] [2], [ASA 5580 FIPS Kit (ASA5580-FIPS-KIT)] [3] or [ASA 5585 FIPS Kit (ASA5585-X-FIPS-KIT)] [4]; Firmware Version: 8.4.4.1) (Validated when tamper evident labels and security devices are installed on the initially built configuration as indicated in the Security Policy and when operated in FIPS mode. No assurance of module integrity when operating in non-FIPS mode) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	04/08/2013	Overall Level: 2  -Roles, Services, and Authentication: Level 3 -FIPS-approved algorithms: AES (Certs. #105, #1407, #2047, #2049 and #2050); HMAC (Certs. #125, #301, #1244, #1246 and #1247); RNG (Certs. #144, #329, #772, #1068 and #1070); RSA (Certs. #106, #261, #1064, #1065 and #1066); SHS (Certs. #196, #630, #1791, #1793 and #1794); Triple-DES (Certs. #217, #559, #960, #1320 and #1321) -Other algorithms: DES; HMAC MD5; MD5; NDRNG; RC4; Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 112 bits of encryption strength; non-compliant less than 80 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 80 bits and 112 bits of encryption strength; non-compliant less than 80 bits of encryption strength) Multi-chip standalone "The market-leading Cisco ASA Security Appliance Series deliver robust user and application policy enforcement, multi-vector attack protection, and secure connectivity services in cost-effective, easy-to-deploy solutions. The ASA 5500 Series Adaptive Security Appliances provide comprehensive security, performance, and reliability for network environments of all sizes"
1931	INSIDE Secure 41 Parc Club du Golf Aix-en-Provence, 13856 France -Bob Oerlemans TEL: +31 73 6581 900 FAX: +31 73 6581 999 CST Lab: NVLAP 200427-0	SafeZone FIPS Cryptographic Module (Software Version: 1.0.3) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Software	04/08/2013	Overall Level: 1  -Operational Environment: Tested as meeting Level 1 with Linux kernel 2.6 running on a Pandaboard; Android 2.3 running on a Pandaboard; Android 4.0 running on a Pandaboard (single-user mode) -FIPS-approved algorithms: AES (Cert. #2041); CVL (Cert. #21); CVL (SP 800-135rev1, vendor affirmed); DRBG (Cert. #203); DSA (Cert. #648); ECDSA (Cert. #299); HMAC (Cert. #1240); KBKDF (vendor affirmed); KTS (vendor affirmed); PBKDF (vendor affirmed); RSA (Cert. #1061); SHS (Cert. #1787); Triple-DES (Cert. #1318) -Other algorithms: AES (Cert. #2041, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); MD5; RSA (key wrapping; key establishment methodology provides between 80 and 150 bits of encryption strength) Multi-chip standalone "SafeZone FIPS Cryptographic Module is a FIPS 140-2 Security Level 1 validated software cryptographic module from INSIDE Secure. The module is a toolkit which provides the most commonly needed cryptographic primitives for a large variety of applications, including but not limited to, primitives needed for DAR, DRM, TLS, and VPN on mobile devices."
1930	SUSE Linux Products GmbH Maxfeldstr. 5 Nuremberg, 90409 Germany -Roman Drahtmüller TEL: +49-911-74053127 CST Lab: NVLAP 200658-0	OpenSSL Module (Software Version: 0.9.8j) (The module generates cryptographic keys whose strengths are modified by available entropy. When installed, initialized and configured as specified in the security policy section 9.1) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Software	04/08/2013	Overall Level: 1  -Operational Environment: Tested as meeting Level 1 with SUSE Linux Enterprise Server 11 SP2 32-bit running on HP ProLiant DL380 without AES-NI; SUSE Linux Enterprise Server 11 SP2 32-bit running on HP ProLiant DL380 with AES-NI; SUSE Linux Enterprise Server 11 SP2 64-bit running on HP ProLiant DL380 without AES-NI; SUSE Linux Enterprise Server 11 SP2 64-bit running on HP ProLiant DL380 with AES-NI (single-user mode) -FIPS-approved algorithms: AES (Certs. #2052, #2053, #2054 and #2055); Triple-DES (Certs. #1323 and #1324); DSA (Certs. #650 and #651); SHS (Certs. #1797 and #1798); RNG (Certs #1073 and #1074); HMAC (Cert #1249 and #1250); RSA (Certs #1069 and #1070) -Other algorithms: RSA (key wrapping; key establishment methodology provides between 80 and 160 bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 160 bits of encryption strength); MD5; HMAC-MD5 Multi-chip standalone "The OpenSSL Module is a software library supporting FIPS 140-2 -approved cryptographic algorithms for the purposes of protecting data in transit and at rest on the SUSE Linux platforms."
1929	SonicWALL, Inc. 2001 Logic Drive San Jose, CA 95124-3452 USA -Usha Sanagala TEL: 408-962-6248 FAX: N/A CST Lab: NVLAP 100432-0	SRA EX9000 (Hardware Version: P/N 101-500352-50 Rev A; Firmware Version: SRA 10.6.1) (When operated in FIPS mode with the tamper evident seals installed as indicated in the Security Policy) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	04/08/2013	Overall Level: 2  -Design Assurance: Level 3 -FIPS-approved algorithms: AES (Certs. #1868, #1869 and #1870); HMAC (Certs. #1113, #1114 and #1115); RNG (Cert. #980); RSA (Certs. #950 and #951); SHS (Certs. #1642, #1643 and #1644); Triple-DES (Certs. #1213, #1214 and #1215) -Other algorithms: RSA (key wrapping; key establishment methodology provides 80 or 112 bits of encryption strength); NDRNG; MD5; RC4 Multi-chip standalone "Mobile enterprises with hundreds or even thousands of mobile users can enjoy secure, easy-to-manage remote access with the Dell® SonicWALL® Aventail® E-Class Secure Remote Access (SRA) EX9000 appliance. This clientless SSL VPN solution increases user productivity and maximizes IT control by providing authorized access to any application from a broad range of cross-platform devices."
1928	Christie Digital Systems Canada, Inc. 809 Wellington St. N. Kitchener, ON N2G 4Y7 CANADA -Kevin Draper TEL: 519-741-3741 FAX: 519-741-3912 CST Lab: NVLAP 200802-0	Christie IMB-S2 4K Integrated Media Block (IMB) (Hardware Version: 000-102675-01; Firmware Versions: 1.0.1-2641 or 1.0.3-3047 or 1.1.0-3271 or 1.2.0-3400 or 1.2.1-3546) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	04/08/2013; 04/19/2013	Overall Level: 2  -Cryptographic Module Specification: Level 3 -Roles, Services, and Authentication: Level 3 -Physical Security: Level 3 -Design Assurance: Level 3 -FIPS-approved algorithms: AES (Certs. #2042 and #2043); SHS (Certs. #1788 and #1789); HMAC (Certs. #1241 and #1242); RNG (Cert. #1066); RSA (Cert. #1062) -Other algorithms: NDRNG; MD5; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength); TI ECDH; TI S-box Multi-chip embedded "The Christie IMB-S2 is a DCI-compliant solution to enable the playback of the video, audio and timed text essence on a 2K or 4K DLP Series-II digital cinema projector. The IMB-S2 utilizes an integrated SMS and permits the playback of alternative content and High Frame Rate (HFR) material."
1927	Feitian Technologies Co., Ltd. Floor 17th, Tower B, Huizhi Mansion No.9 Xueqing Road Haidan District Beijing, 100085 China -Tibi Zhang TEL: 86-010-62304466 x821 FAX: 86-010-62304416 -Xiaozhi Zheng TEL: 86-010-62304466 x531 FAX: 86-010-62304416 CST Lab: NVLAP 200427-0	FEITIAN-FIPS-COS (Hardware Version: 1.0.0; Firmware Version: 1.0.0) (When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	04/08/2013	Overall Level: 2  -Physical Security: Level 3 -FIPS-approved algorithms: AES (Cert. #1473); DRBG (Cert. #58); RSA (Cert. #720); SHS (Cert. #1332); Triple-DES (Cert. #991) -Other algorithms: AES MAC (AES Cert. #1473; non-compliant); DES; RSA (key wrapping; key establishment methodology provides between 80 and 112 bits of encryption strength) Single-chip "FEITIAN-FIPS-COS, is both an integrated circuit and an operating system, and has been developed to support their ePass series USB1 tokens. These tokens are designed to provide strong authentication and identification and to support network logon, secure online transactions, digital signatures, and sensitive data protection. The FEITIAN-FIPS-COS provides all cryptographic functionality for their ePass line of products. ePass supports dual-factor authentication with an ISO27816-12 USB interface for the PC host connection acting as a smart card reader."
1926	CST Lab: NVLAP 200427-0	Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	04/08/2013	Overall Level: 1  -FIPS-approved algorithms: -Other algorithms: Single-chip
1925	Samsung Electronics Co., Ltd. 416, Maetan 3-Dong Youngton Gu Suwon, Gyeonggi 152-848 South Korea -Ross Choi TEL: 972-761-7628 -Bumhan Kim TEL: +82-10-4800-6711 CST Lab: NVLAP 200658-0	Samsung Key Management Module (Software Version: KM1.1) (The module generates cryptographic keys whose strengths are modified by available entropy) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate Vendor Product Link	Software	04/04/2013	Overall Level: 1  -Design Assurance: Level 3 -Operational Environment: Tested as meeting Level 1 with Android Ice Cream Sandwich 4.0 on Galaxy S2 and Galaxy S3; Android Jelly Bean 4.1 on Galaxy Note II (single-user mode) -FIPS-approved algorithms: AES (Certs. #2048, #2098, #2142, #2143 and #2257); SHS (Certs. #1792, #1822, #1864, #1865 and #1944); RNG (Certs. #1069, #1080, #1097, #1098 and #1127); HMAC (Certs. #1245, #1273, #1309, #1310 and #1384); PBKDF (vendor affirmed) -Other algorithms: N/A Multi-chip standalone "Provides general purpose key management services to user-space applications on the mobile platform."
1924	Hewlett-Packard Company 153 Taylor Street Littleton, MA 01460 USA -Boby Joseph TEL: 978-264-5379 FAX: 978-264-5522 CST Lab: NVLAP 200427-0	HP MSR30/50 Routers with Encryption Accelerator Modules (Hardware Versions: HP MSR30-10 with JG585A and JG582A, HP MSR30-40 with JG585A and JG580A, HP MSR30-60 with JG585A and JG581A, HP MSR30-20 PoE with JG585A and JG579A, HP MSR30-60 PoE with JG585A and JG581A, HP MSR50-40 with JG586A and JG583A and HP MSR50-60 with JG586A and JG584A; Software Version: 5.2; Firmware Version: 5.2) (When operated in FIPS mode with tamper evident labels and opacity shields installed as indicated in the Security Policy) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	03/26/2013	Overall Level: 2  -FIPS-approved algorithms: AES (Certs. #1927); DSA (Cert. #611); HMAC (Cert. #1161); RNG (Cert. #1014); RSA (Cert. #993); SHS (Cert. #1692); Triple-DES (Certs. #1254) -Other algorithms: DES; Diffie-Hellman (key agreement; key establishment methodology provides 80 or 112 bits of encryption strength); RC4; MD5; MD5 HMAC; RSA (key wrapping; key establishment methodology provides 80 or 112 bits of encryption strength) Multi-chip standalone "The HP MSR30/50 provides devices are suitable for a range of uses: core routers on small and medium enterprise networks, access routers for network branches on some large-sized enterprise networks, regional offices, and mid-sized businesses. Each device is based on the Comware 5.2 platform."
1923	Crossbeam Systems, Inc. 80 Central Street Boxborough, MA 01719 USA CST Lab: NVLAP 200556-0	X60 and X80-S Platforms (Hardware Versions: (APM-9600, CPM-9600, NPM-9610 and NPM-9650) with XS-FIPS-LABEL-KIT; Firmware Version: XOS v9.9.0.0) (When operated in FIPS mode and the tamper evident seals installed as indicated in the Security Policy. No assurance of module integrity when operating in non-FIPS mode) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	03/22/2013	Overall Level: 2  -Roles, Services, and Authentication: Level 3 -FIPS-approved algorithms: AES (Certs. #1877 and #1878); Triple-DES (Certs. #1220 and #1221); RSA (Cert. #958); SHS (Certs. #1650 and #1651); RNG (Certs. #983); DSA (Cert. #587) -Other algorithms: RSA (key wrapping; key establishment methodology provides between 80 and 150 bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 219 bits of encryption strength); RSA (Cert #961; non-compliant); PRNG (Cert #986; non-compliant); DSA (Cert #590; non-compliant); Blowfish; RC4; CAST128 Multi-chip standalone "Crossbeam’s X-Series network security platform offers enterprises, service providers and governments an open, high-performance architecture that easily scales multiple security applications to meet changing security threats. Crossbeam intelligently manages risk and protects businesses from evolving threats."
1922	Hewlett-Packard Company 1160 Enterprise Way Sunnyvale, CA 94089 USA -Theresa Conejero TEL: 650-265-3634 FAX: 650-265-5528 CST Lab: NVLAP 100432-0	HP Enterprise Secure Key Manager (Hardware Version: P/N AJ585A, Version 3.0; Firmware Version: 5.0.0) (When operated in FIPS mode) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	03/22/2013	Overall Level: 2  -Cryptographic Module Specification: Level 3 -Roles, Services, and Authentication: Level 3 -FIPS-approved algorithms: AES (Cert. #2069); DRBG (Cert. #207); DSA (Cert. #653); HMAC (Cert. #1254); CVL (Cert. #23); RSA (Cert. #1073); SHS (Cert. #1802); Triple-DES (Cert. #1328) -Other algorithms: NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 80-bits of encryption strength); DES; MD5; RC4 Multi-chip standalone "HP Enterprise Secure Key Manager (ESKM) provides key generation, retrieval, and management for encryption devices and solutions. ESKM is a hardened security appliance with secure access control, administration, and logging. ESKM supports high availability with automatic multi-site clustering, replication, and failover."
1921	CST Lab: NVLAP 200427-0	Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	03/22/2013	Overall Level: 2  -Physical Security: Level 3 -FIPS-approved algorithms: -Other algorithms: Multi-chip standalone
1920	CST Lab: NVLAP 200427-0	Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	03/22/2013	Overall Level: 2  -Physical Security: Level 3 -FIPS-approved algorithms: -Other algorithms: Multi-chip standalone
1919	CST Lab: NVLAP 200427-0	Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	03/22/2013	Overall Level: 2  -Physical Security: Level 3 -FIPS-approved algorithms: -Other algorithms: Multi-chip standalone
1918	Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA -Global Certification Team CST Lab: NVLAP 200427-0	Cisco 7600 Series Routers with Supervisor RSP720 (Hardware Versions: (7603-S, 7604, 7606-S, 7609-S, 7613, V02, V07, V13, V14 and -F0) with FIPS kit (Cisco-FIPS-KIT=); Firmware Version: 15.1(3)S3) (Validated when tamper evident labels are installed as indicated in the Security Policy and when operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	03/22/2013	Overall Level: 1  -Roles, Services, and Authentication: Level 3 -Design Assurance: Level 2 -FIPS-approved algorithms: AES (Certs. #598 and #2036); DRBG (Cert. #198); HMAC (Certs. #348 and #1234); RSA (Cert. #1056); SHS (Certs. #647 and #1781); Triple-DES (Certs. #569 and #1312) -Other algorithms: DES; DES MAC; HMAC MD5; MD4; MD5; Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 156 bits of encryption strength) Multi-chip standalone "The Cisco 7600-S Router is a compact, high-performance router designed in 3, 4, 6, 9 and 13-slot form factor for deployment at the network edge, where robust performance and IP/Multiprotocol Label Switching (MPLS) services are necessary to meet the requirements of both enterprises and service providers."
1916	CST Lab: NVLAP 200427-0	Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	03/22/2013	Overall Level: 1  -FIPS-approved algorithms: -Other algorithms: Single-chip
1915	Samsung Electronics Co., Ltd. 416, Maetan 3-Dong Youngton Gu Suwon, Gyeonggi 152-848 South Korea -Ross Choi TEL: 972-761-7628 -Bumhan Kim TEL: +82-10-4800-6711 CST Lab: NVLAP 200658-0	Samsung Kernel Cryptographic Module (Software Versions: SKC1.4.1 and SKC 1.4.1.1) (When operated in FIPS mode) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate Vendor Product Link	Software	03/20/2013	Overall Level: 1  -EMI/EMC: Level 3 -Design Assurance: Level 3 -Operational Environment: Tested as meeting Level 1 with Android Ice Cream Sandwich 4.0 running on Galaxy S3; Android Jelly Bean 4.1 running on Note II (single-user mode) -FIPS-approved algorithms: AES (Certs. #2056, #2097, #2141, #2144 and #2256); SHS (Certs. #1799, #1821, #1863, #1866 and #1943); RNG (Certs. #1075, #1079, #1096, #1099 and #1126); Triple-DES (Certs. #1325, #1334, #1361, #1362 and #1411); HMAC (Certs. #1251, #1272, #1308, #1311 and #1383) -Other algorithms: DES; AES-CTS (non-compliant); Triple-DES (CTR; non-compliant); Twofish; AEAD; MD5; ansi_cprng; ARC4; GHASH (GCM hash) Multi-chip standalone "Provides general purpose cryptographic services to services in the Linux kernel and user-space applications, intended to protect data in transit and at rest."
1914	Hewlett-Packard Company 153 Taylor Street Littleton, MA 01460 USA -Boby Joseph TEL: 978-264-5379 FAX: 978-264-5522 CST Lab: NVLAP 200427-0	HP MSR30/50 Routers (Hardware Versions: HP MSR30-10 with JG585A and JG582A, HP MSR30-20 with JG585A and JG579A, HP MSR30-40 with JG585A and JG580A, HP MSR30-60 with JG585A and JG581A, HP MSR30-20 PoE with JG585A and JG579A, HP MSR 30-40 PoE with JG585A and JG580A, HP MSR30-60 PoE with JG585A and JG581A, HP MSR50-40 with JG586A and JG583A, HP MSR50-60 with JG586A and JG584A, HP MSR50-40 DC with JG586A and JG583A and HP MSR50-60 DC with JG586A and JG584A; Software Version: 5.2; Firmware Version: 5.2) (When operated in FIPS mode with tamper evident labels and opacity shields installed as indicated in the Security Policy) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	03/20/2013	Overall Level: 2  -FIPS-approved algorithms: AES (Cert. #1927); DSA (Cert. #611); HMAC (Cert. #1161); RNG (Cert. #1014); RSA (Cert. #993); SHS (Cert. #1692); Triple-DES (Cert. #1254) -Other algorithms: DES; Diffie-Hellman (key agreement; key establishment methodology provides 80 or 112 bits of encryption strength); RC4; MD5; MD5 HMAC; RSA (key wrapping; key establishment methodology provides 80 or 112 bits of encryption strength) Multi-chip standalone "The HP MSR30/50 provides devices are suitable for a range of uses: core routers on small and medium enterprise networks, access routers for network branches on some large-sized enterprise networks, regional offices, and mid-sized businesses. Each device is based on the Comware 5.2 platform."
1913	Hewlett-Packard Company 153 Taylor Street Littleton, MA 01460 USA -Boby Joseph TEL: 978-264-5379 FAX: 978-264-5522 CST Lab: NVLAP 200427-0	HP A-Series Routers (Hardware Versions: HP 6602 with JG586A and JG575A, HP 6604 with JG586A and JG578A, HP 6608 with JG586A and JG577A, HP 6616 with JG586A and JG576A, HP 8805 with JG586A and JG570A, HP 8808 with JG586A and JG571A and HP 8812 with JG586A and JG572A; Software Version: 5.2; Firmware Version: 5.2) (When operated in FIPS mode with tamper evident labels and opacity shields installed as indicated in the Security Policy) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	03/20/2013	Overall Level: 2  -FIPS-approved algorithms: AES (Cert. #1927); DSA (Cert. #611); HMAC (Cert. #1161); RNG (Cert. #1014); RSA (Cert. #993); SHS (Cert. #1692); Triple-DES (Cert. #1254) -Other algorithms: DES; Diffie-Hellman (key agreement; key establishment methodology provides 80 or 112 bits of encryption strength); RC4; MD5; MD5 HMAC; RSA (key wrapping; key establishment methodology provides 80 or 112 bits of encryption strength) Multi-chip standalone "The HP A-series provides devices are suitable for a range of uses: in IP backbone networks, IP metropolitan area networks (MANs), or the core or convergence layers of large IP networks. The A-series routers provide a flexible, modular form factor."
1912	Hewlett-Packard Company 153 Taylor Street Littleton, MA 01460 USA -Boby Joseph TEL: 978-264-5379 FAX: 978-264-5522 CST Lab: NVLAP 200427-0	HP Networking Switches (Hardware Versions: HP 5120-24G EI with JG585A and JG557A, HP 5120-48G EI with JG585A and JG557A, HP 5120-24G-PoE+ EI with JG585A and JG559A, HP 5120-48G-PoE+ EI with JG585A and JG559A, HP 5500-24G EI with JG585A and JG557A, HP 5500-24G-PoE+ EI with JG585A and JG559A, HP 5500-24G-SFP EI with JG585A and JG558A, HP 5500-48G EI with JG585A and JG557A, HP 5500-48G-PoE+ EI with JG585A and JG559A, HP 5800-24G with JG585A and JG563A, HP 5800-24G-PoE+ with JG585A and JG560A, HP 5800-24G-SFP with JG585A and JG562A, HP 5800-48G with JG585A and JG563A, HP 5800-48G-PoE with JG585A and JG560A, HP 5800-48G-2slot with JG585A and JG561A, HP 5820-14XG-SFP with JG585A and JG561A, HP 5820-24XG-SFP with JG585A and JG564A, HP 7510 with JG586A and JG565A, HP 7506 with JG586A and JG566A, HP 7506V with JG586A and JG567A, HP 7503 with JG586A and JG568A, HP 7502 with JG586A and JG569A, HP 7503-S with JG586A and JG569A, HP 9505 with JG586A and JG570A, HP 9508V with JG586A and JG571A, HP 9512 with JG586A and JG572A, HP 12508 with JG586A and JG574A and HP 12518 with JG586A and JG573A; Software Version: 5.2; Firmware Version: 5.2) (When operated in FIPS mode with tamper evident labels and opacity shields installed as indicated in the Security Policy) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate Vendor Product Link	Hardware	03/20/2013	Overall Level: 2  -FIPS-approved algorithms: AES (Cert. #1927); DSA (Cert. #611); HMAC (Cert. #1161); RNG (Cert. #1014); RSA (Cert. #993); SHS (Cert. #1692); Triple-DES (Cert. #1254) -Other algorithms: DES; Diffie-Hellman (key agreement; key establishment methodology provides 80 or 112 bits of encryption strength); RC4; MD5; MD5 HMAC; RSA (key wrapping; key establishment methodology provides 80 or 112 bits of encryption strength); Multi-chip standalone "HP Networking Box Switches are focused on enterprise access and aggregation application or datacenter application and are suitable for a range of uses: at the edge of a network, connecting server clusters in a data center, in an enterprise LAN core, and in large-scale industrial networks and campus networks. The series includes fixed-port L2/L2+ managed Ethernet switch appliances, fixed-port L3 managed Ethernet switch appliances, and modular Ethernet switches. Each device is based on the Comware 5.2 platform."
1911	Hewlett-Packard Company 153 Taylor Street Littleton, MA 01460 USA -Boby Joseph TEL: 978-264-5379 FAX: 978-264-5522 CST Lab: NVLAP 200427-0	HP A-Series Routers with VPN Firewall Module (Hardware Versions: HP 6604 with JG586A and JG578A, HP 6608 with JG586A and JG577A, HP 6616 with JG586A and JG576A, HP 8805 with JG586A and JG570A, HP 8808 with JG586A and JG571A and HP 8812 with JG586A and JG572A; Software Version: 5.2; Firmware Version: 5.2) (When operated in FIPS mode with tamper evident labels and opacity shields installed as indicated in the Security Policy) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	03/20/2013	Overall Level: 2  -FIPS-approved algorithms: AES (Cert. #1927); DSA (Cert. #611); HMAC (Cert. #1161); RNG (Cert. #1014); RSA (Cert. #993); SHS (Cert. #1692); Triple-DES (Cert. #1254) -Other algorithms: DES; Diffie-Hellman (key agreement; key establishment methodology provides 80 or 112 bits of encryption strength); RC4; MD5; MD5 HMAC; RSA (key wrapping; key establishment methodology provides 80 or 112 bits of encryption strength) Multi-chip standalone "The HP A-series provides devices are suitable for a range of uses: in IP backbone networks, IP metropolitan area networks (MANs), or the core or convergence layers of large IP networks. The A-series routers provide a flexible, modular form factor."
1910	Hewlett-Packard Company 153 Taylor Street Littleton, MA 01460 USA -Boby Joseph TEL: 978-264-5379 FAX: 978-264-5522 CST Lab: NVLAP 200427-0	HP Networking Switches with VPN Firewall (Hardware Versions: HP 7510 with JG586A and JG565A, HP 7506 with JG586A and JG566A, HP 7506V with JG586A and JG567A, HP 7503 with JG586A and JG568A, HP 7502 with JG586A and JG569A, HP 7503-S with JG586A and JG569A, HP 9505 with JG586A and JG570A, HP 9508V with JG586A and JG571A, HP 9512 with JG586A and JG572A, HP 12508 with JG586A and JG574A and HP 12518 with JG586A and JG573A; Software Version: 5.2; Firmware Version: 5.2) (When operated in FIPS mode with tamper evident labels and opacity shields installed as indicated in the Security Policy) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	03/20/2013	Overall Level: 2  -FIPS-approved algorithms: AES (Cert. #1927); DSA (Cert. #611); HMAC (Cert. #1161); RNG (Cert. #1014); RSA (Cert. #993); SHS (Cert. #1692); Triple-DES (Cert. #1254) -Other algorithms: DES; Diffie-Hellman (key agreement; key establishment methodology provides 80 or 112 bits of encryption strength); RC4; MD5; MD5 HMAC; RSA (key wrapping; key establishment methodology provides 80 or 112 bits of encryption strength) Multi-chip standalone "HP Networking Box Switches are focused on enterprise access and aggregation application or datacenter applicationan are suitable for a range of uses: at the edge of a network, connecting server clusters in a data center, in an enterprise LAN core, and in large-scale industrial networks and campus networks. The series includes modular Ethernet switches. Each device is based on the Comware 5.2 platform."
1909	Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA -Palani Karuppan TEL: 408-525-2747 FAX: n/a CST Lab: NVLAP 100432-0	Cisco Catalyst 6506, 6506-E, 6509 and 6509-E Switches with Wireless Services Modules-2 (WiSM2) (Hardware Version: Chassis: Catalyst 6506 switch [1], Catalyst 6506-E switch [2], Catalyst 6509 switch [3] and Catalyst 6509-E switch [4]; Backplane: WS-C6506 [1], WS-C6506-E [2], WS-C6509 [3] and WS-C6509-E [4]; FIPS Kit: P/N 800-27009 [1, 2], P/N 800-26335 [3, 4] and WS-SVCWISM2FIPKIT= [1, 2, 3, 4]; with one Supervisor Blade [1, 2, 3, 4]: [WS-SUP720-3BXL, WS-SUP720-3B, VS-S720-10G-3C or VS-S720-10G-3CXL] and with one WiSM2 [1, 2, 3, 4]: [WS-SVC-WISM2-K-K9 [B], WS-SVC-WISM2-K-K9= [B], WS-SVC-WISM2-K9= [A, B], WS-SVC-WISM2-5-K9= [A, B], WS-SVC-WISM2-3-K9= [A, B], WS-SVC-WISM2-1-K9= [A, B], WS-SVC-WISM2-5-K9 [A, B], WS-SVC-WISM2-3-K9 [A, B] or WS-SVC-WISM2-1-K9 [A, B]]; Firmware Version: Supervisor Blade: Cisco IOS Release 12.2.33SXJ, Cisco IOS Release 12.2.33SXJ1, or Cisco IOS Release 12.2.33SXJ2; WiSM2: 7.0.230.0 [A] or 7.2.103.0 [B]) (When operated in FIPS mode and with the tamper evident seals and physical security devices installed as indicated in the Security Policy) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	03/20/2013	Overall Level: 2  -Design Assurance: Level 3 -FIPS-approved algorithms: AES (Certs. #1346, #1347 and #1348); HMAC (Certs. #785, #786 and #787); RNG (Certs. #741 and #742); RSA (Certs. #653 and #654); SHS (Certs. #1228, #1229 and #1230); Triple-DES (Cert. #935) -Other algorithms: RSA (key wrapping; key establishment methodology provides 96 bits of encryption strength); AES (Cert. #1346, key wrapping; key establishment methodology provides 128 bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength); RC4; MD5; HMAC MD5; AES-CTR (non-compliant); CCKM Multi-chip standalone "The Cisco Catalyst 6506, 6506-E, 6509 and 6509-E Switches with WiSM WLAN Controller deliver centralized control and high capacity for medium to large-scale Enterprise wireless LAN networks. In FIPS 140-2 mode of operation, the Cisco WiSM2 Controller supports the IEEE 802.11i & 802.1x standards, IETF CAPWAP standard and supports a Secure Wireless Architecture with certified WiFi Alliance WPA-2 security. The Cisco WiSM2 Controller supports voice, video and data services along with Cisco Clean Air technology, IPv6 mobility, intrusion protection and intelligent radio resource management."
1908	Panzura, Inc. 22 Great Oaks Blvd # 150 San Jose, CA 95119 USA -Randy Chou TEL: 408-457-8504 CST Lab: NVLAP 100432-0	Panzura Cryptographic Module 4.2 (Software Version: 4.2) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Software	03/20/2013	Overall Level: 1  -Roles, Services, and Authentication: Level 2 -Operational Environment: Tested as meeting Level 1 with Panzura Cloud Controller 8.0 running on Dell PowerEdge R410 with AES-NI; Panzura Cloud Controller 8.0 on VMware ESX running on Dell PowerEdge R410 with AES-NI; Panzura Cloud Controller 8.0 on VMware ESX running on Dell PowerEdge R410 (single user mode) -FIPS-approved algorithms: AES (Cert. #2269); DRBG (Cert. #278); DSA (Cert. #707); HMAC (Cert. #1389); RNG (Cert. #1130); RSA (Cert. #1162); SHS (Cert. #1951); Triple-DES (Cert. #1417); ECDSA (Cert. #366); CVL (Cert. #42) -Other algorithms: EC Diffie-Hellman; RSA (encrypt/decrypt) Multi-chip standalone "The Panzura Cryptographic Module provides validated cryptographic services for multiple Panzura products."
1907	Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA -Palani Karuppan TEL: 408-525-2747 CST Lab: NVLAP 100432-0	Cisco Aironet® CAP3602E and CAP3602I Wireless LAN Access Points (Hardware Versions: CAP3602E Revision B0 and CAP3602I Revision B0; FIPS Kit AIR-AP-FIPSKIT=, Version B0; Firmware Version: 7.2.103.0) (When operated in FIPS mode and with the tamper evident seals and security devices installed as indicated in the Security Policy) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	03/14/2013	Overall Level: 2  -Design Assurance: Level 3 -FIPS-approved algorithms: AES (Certs. #1991, #1992 and #1993); HMAC (Certs. #1204 and #1205); RNG (Cert. #1046); RSA (Cert. #1033); SHS (Certs. #1746 and #1747) -Other algorithms: RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength); RC4; MD5; HMAC MD5 Multi-chip standalone "The Cisco Aironet® 3600 Series sustains reliable connections at higher speeds further from the access point than competing solutions, resulting in up to three times more availability of 450 Mbps rates, and optimizing the performance of more mobile devices. Cisco Aironet® 3600 Series is an innovative, modular platform that offers unparalleled investment protection with future module expansion to support incoming 802.11ac clients with 870 Mbps rates, or offer comprehensive security and spectrum monitoring and control."
1906	Biscom, Inc. 321 Billerica Road Chelmsford, MA 01824 USA -Bill Ho TEL: 978-367-3544 FAX: 978-367-9624 -Sharif Rahman TEL: 978-367-3544 FAX: 978-367-9624 CST Lab: NVLAP 200427-0	Biscom Cryptographic Library Version 1.0 (Software Version: 1.0) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Software	03/12/2013	Overall Level: 1  -Design Assurance: Level 3 -Operational Environment: Tested as meeting Level 1 with Windows Server 2008 R2 (SP1) with Sun JRE 6.0 running on a Dell Optiplex 790 (single-user mode) -FIPS-approved algorithms: AES (Cert. #2029); HMAC (Cert. #1231); RNG (Cert. #1062); SHS (Cert. #1778) -Other algorithms: N/A Multi-chip standalone "The Biscom Cryptographic Library (the cryptographic module or the module) provides cryptographic security functions as Java APIs for application developers to integrate cryptographic services into Biscom applications or systems. The module is distributed only as an integrated subcomponent of the Biscom Delivery Server (BDS). The Biscom Cryptographic Library provides security functions for encryption, decryption, random number generation, hashing, getting the status of the integrity test, and running the self-tests. The library is used by the application"
1905	Seagate Technology LLC 1280 Disc Drive Shakopee, MN 55379 USA -David R Kaiser, PMP TEL: 952-402-2356 FAX: 952-402-1273 CST Lab: NVLAP 200427-0	Seagate Secure® TCG Enterprise SSC Self-Encrypting Drives FIPS 140 Module (Hardware Versions: ST900MM0036 [1], ST600MM0036 [1], ST4000NM0063 [1] and ST4000NM0073 [2]; Firmware Versions: A000 [1] and F001 [2]) (When operated in FIPS mode) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	03/12/2013	Overall Level: 2  -EMI/EMC: Level 3 -FIPS-approved algorithms: AES (Certs. #1343, #1974 and #2068); DRBG (Cert. #62); RSA (Cert. #1021); SHS (Cert. #1225) -Other algorithms: N/A Multi-chip embedded "The Seagate Secure® TCG Enterprise SSC Self-Encrypting Drives FIPS 140 Module is embodied in Seagate Savvio+ 10K.6 and Constellation+ ES.3 SED model disk drives. These products meet the performance requirements of the most demanding Enterprise applications. The cryptographic module (CM) provides a wide range of cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, instantaneous user data disposal with cryptographic erase, independently controlled and protected user data LBA bands and authenticated FW download."
1904	Fortress™ Technologies 2 Technology Park Drive Westford, MA 01886 USA -Michael Chapman TEL: 978-923-6430 FAX: 813-288-7389 CST Lab: NVLAP 200427-0	Fortress Mesh Points (Hardware Versions: ES210, ES2440, ES440, ES520v1, ES520v2 and ES820; Firmware Version: 5.4.1) (When operated in FIPS mode) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	03/20/2013	Overall Level: 2  -Design Assurance: Level 3 -FIPS-approved algorithms: AES (Certs. #688, #694 and #1519); DRBG (Cert. #66); ECDSA (Cert. #371); HMAC (Certs. #367, #371 and #889); KAS (Cert. #10); RNG (Certs. #402 and #406); RSA (Cert. #439); SHS (Certs. #717, #721 and #1357) -Other algorithms: MD5; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength) Multi-chip standalone "The Fortress Mesh Point is an all-in-one network access device housed in a rugged compact chassis, with the most stringent security available today built in. It can serve as a wireless bridge, a WLAN access point, and an eight-port LAN switch, while performing all the functions of a Fortress controller device: encrypting wireless traffic and providing Multi-factor Authentication for devices on the network it protects."
1903	Mocana Corporation 350 Sansome Street Suite 1010 San Francisco, CA 94104 USA -James Blaisdell TEL: 415-617-0055 FAX: 415-617-0056 CST Lab: NVLAP 100432-0	Mocana Cryptographic Loadable Kernel Module (Software Version: 5.5f) (When operated in FIPS mode) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Software	02/22/2013; 03/28/2013	Overall Level: 1  -Operational Environment: Tested as meeting Level 1 with Android 2.2 running on a LG Optimus 3D (LG-P920); Android 2.3 running on a LG G2X (LG-P999); Android 4.0 running on a Samsung Nexus-S (GT-I9023); Android 4.1 running on a LG Optimus (LG-P920); Ubuntu Linux 32 bit running on a Dell Dimension 9200; Ubuntu Linux 64 bit running on a Dell Dimension 9200 (single-user mode) -FIPS-approved algorithms: AES (Cert. #2039 and #2272); Triple-DES (Cert. #1316); SHS (Cert. #1785); HMAC (Cert. #1238); RNG (Cert. #1065); DRBG (Cert. #201) -Other algorithms: NDRNG; DES; Blowfish; ARC2; ARC4; MD2; MD4; MD5; HMAC-MD5; AES EAX (non-compliant); AES XCBC (non-compliant) Multi-chip standalone "The Mocana Cryptographic Module is the engine of Mocana's Device Security Framework - a software framework that secures all aspects of a system. The Device Security Framework helps applications and device designers reduce development costs and dramatically enhance cryptographic performance. For details see www.mocana.com."
1902	Imation Corp. Discovery Bldg. 1A-041 Oakdale, MN 55128 USA -Laurence Hamid TEL: 819-595-3069 CST Lab: NVLAP 100432-0	Imation S250/D250 (Hardware Versions: D2-S250-S01, D2-S250-S02, D2-S250-S04, D2-S250-S08, D2-S250-S16, D2-S250-S32, D2-D250-B01, D2-D250-B02, D2-D250-B04, D2-D250-B08, D2-D250-B16, D2-D250-B32 and D2-D250-B64; Firmware Version: 4.5.0) (Files distributed with the module mounted within the internal CD Drive are excluded from validation) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	02/21/2013	Overall Level: 3  -FIPS-approved algorithms: AES (Certs. #1412 and #1874); DRBG (Cert. #152); HMAC (Certs. #1118 and #1119); RNG (Cert. #774); RSA (Certs. #688, #954 and #955); SHS (Certs. #1282 and #1647); Triple-DES (Cert. #965); PBKDF2 (vendor affirmed) -Other algorithms: RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength); NDRNG Multi-chip standalone "The Imation S250/D250 Secure Flash Drives include a high-speed hardware-based 256 Bit AES cryptography engine for encrypting and decrypting NAND flash and RAM buffers via USB. It also includes RSA, HMAC, SHA, and DRBG algorithms."
1901	Red Hat®, Inc. 314 Littleton Road Westford, MA 01886 USA -Ann-Marie Rubin TEL: 978-392-1000 FAX: 978-392-1001 CST Lab: NVLAP 200658-0	Red Hat Enterprise Linux 6.2 Kernel Crypto API Cryptographic Module (Software Version: 2.0) (When operated in FIPS mode with Network Security Services (NSS) Cryptographic Module validated to FIPS 140-2 under Cert. #1837, Section 1 of the provided Security Policy specifies the precise RPM files containing this module. The integrity of the RPMs is automatically verified during the installation and the Crypto officer shall not install the RPM files if the RPM tool indicates an integrity error. Any deviation from the specified verification, installation and initialization procedures will result in a non FIPS 140-2 compliant module) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Software	02/21/2013	Overall Level: 1  -Operational Environment: Tested as meeting Level 1 with Red Hat Enterprise Linux 6.2 without AES-NI running on HP ProLiant DL585; Red Hat Enterprise Linux 6.2 with AES-NI running on IBM HS22; Red Hat Enterprise Linux 6.2 without AES-NI running on IBM HS22 (single-user mode) -FIPS-approved algorithms: AES (Certs. #1968, #1969, #1970, #1971 and #1972); Triple-DES (Certs. #1278 and #1279); SHS (Certs. #1725 and #1726); HMAC (Certs. #1187, #1188, #1199 and #1200); RNG (Certs. #1033, #1034, #1035, #1036 and #1037); DSA (Certs #628, #629, #634 and #635) -Other algorithms: DES; Triple-DES (CTR; non-compliant); AES (192 bits, XTS; non-compliant); RNG (X9.31 with stdrng or ansi_cprng; non-compliant) Multi-chip standalone "The Linux kernel Crypto API implemented in Red Hat Enterprise Linux 6.2 provides services operating inside the Linux kernel with various ciphers, message digests and an approved random number generator."
1900	Gemalto Avenue du Pic de Bertagne - BP100 Gemenos, 13881 France -Anthony Vella TEL: +33 4 42 36 61 38 FAX: +33 4 42 36 52 36 CST Lab: NVLAP 100432-0	MultiApp ID V2.1 Platform (Hardware Version: P5CC081 [1] and P5CC145 [2]; Firmware Version: MultiApp ID V2.1 with softmask V2.2 [1] and V2.4 [2] and Demonstration Applet V1.1 [1,2]) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	02/21/2013	Overall Level: 3  -Physical Security: Level 4 -FIPS-approved algorithms: RNG (Cert. #1023); Triple-DES (Cert. #1264); Triple-DES MAC (Triple-DES Cert. #1264, vendor affirmed); AES (Cert. #1943); RSA (Certs. #1006 and #1010); SHS (Certs. #1706 and #1707); ECDSA (Cert. #280); CVL (Cert. #17) -Other algorithms: Triple-DES (Cert. # 1264, key wrapping; key establishment methodology provides 112 bits of encryption strength); EC Diffie-Hellman Single-chip "MultiApp V2.1 is a highly secured smartcard contact-only platform from Gemalto complying with Javacard 2.2.2 and GP 2.1.1 standards and operated on NXP P5CC081 and P5CC145 chips. Its cryptographic library implements TDES, AES, SHA, RSA, RSA CRT, ECDSA, ECC CDH and RNG ANSX9.31 algorithms. This modular and flexible platform serves various needs, enabling secure data storage, identification, authentication and digital signatures (AS) with biometry control. This field-proven OS has the largest number of references in national ID programs, thus ensuring a secure investment."
1890	IBM Internet Security Systems, Inc. 6303 Barfield Road Atlanta, GA 30328 USA -Scott Sinsel TEL: 404-236-2722 FAX: 404-236-2632 CST Lab: NVLAP 200416-0	SiteProtector Cryptographic Module (Software Version: 1.1) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Software	02/19/2013	Overall Level: 2  -Operational Environment: Tested as meeting Level 2 with Microsoft Windows Server 2003 R2 Standard, Version 5.2 SP 2 on an IBM eServer 326m running on an AMD Opteron Processor 270 -FIPS-approved algorithms: AES (Cert. #1181); HMAC (Cert. #681); RNG (Cert. #652); RSA (Cert. #562); SHS (Cert. #1090) -Other algorithms: MD5; RSA (key agreement; key establishment methodology provides 96 bits of encryption strength) Multi-chip standalone "IBM Proventia+ Management SiteProtectorTM system is a security management system that provides centralized command and control, analysis, reporting and workflow for all ISS IBM Protection devices and select third-party security solutions including network IPS, Network Multi-Function, Server, Endpoint, Vulnerability Assessment, Application Assessment, and DLP. All of these IBM ISS security components have a common update and policy management system as well. The SiteProtector system provides an in-depth security event analysis capability that is specific to the needs of security analysts."
1889	Stanley Security Solutions, Inc. 6161 E 75th Street PO Box 50444 Indianapolis, IN 46250 USA -Mr. Robert Strong TEL: 317-806-3288 -Mr. Thomas Schuster TEL: 317-806-3150 CST Lab: NVLAP 100414-0	Wi-Q OMW (OW2000) [1], WAC (SDC2K) [2], WDC [3], and WXC [4] Controllers (Hardware Versions: 12681B [1]; 82065A [2]; 82069B [3]; 82069C [3]; 82069E [3]; 82069F [3] 82376C [4]; 82376D [4]; 82376F [4]; 82376G [4]; Firmware Version: 3.00.039) (When operated in FIPS mode. No assurance of module integrity when operating in non-FIPS mode.) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	02/13/2013	Overall Level: 1  -FIPS-approved algorithms: SHS (Cert. #1583); AES (Cert. #1802) -Other algorithms: N/A Multi-chip embedded "The Stanley Wi-Q Controller Cryptographic Module is a wireless end point device that communicates via proprietary 802.15.4 protocol to a Stanley Wi-Q Portal Gateway module. The Stanley Wi-Q Controller provides secure key entry and data encryption functions within the Stanley Wi-Q Wireless Access Control System."
1888	Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA -Palani Karuppan TEL: 408-525-2747 CST Lab: NVLAP 100432-0	Cisco Aironet 1552E Outdoor Access Point (Hardware Version: AIR-CAP1552E-A-K9 Revision: B0; FIPS Kit Version AIRLAP-FIPSKIT=; Firmware Versions: 7.0.116.0, 7.0.230.0, 7.0.240.0 or 7.2.103.0) (When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	02/11/2013; 03/28/2013	Overall Level: 2  -Design Assurance: Level 3 -FIPS-approved algorithms: AES (Certs. #1357 and #1359); HMAC (Cert. #794); RNG (Cert. #746); RSA (Cert. #660); SHS (Cert. #1238) -Other algorithms: RSA (key wrapping; key establishment methodology provides 96 bits of encryption strength); RC4; MD5; HMAC MD5 Multi-chip standalone "The Cisco Aironet 1552E Outdoor Access Point is the standard model, dual-radio system with dual-band radios that are compliant with IEEE 802.11a/n (5-GHz) and 802.11b/g/n standards (2.4 GHz). The 1552E has three external antenna connections for three dual-band antennas. It has Ethernet and fiber Smaill Form-Factor Pluggable (SFP) backhaul options, along with the option of a battery backup. This model also has a PoE-out port and can power a video surveillance camera."
1887	Cambium Networks Ltd. Unit B2, Linhay Business Park Ashburton, Devon TQ12 7UP UK -Mark Thomas TEL: +44 1364 655586 FAX: +44 1364 655500 CST Lab: NVLAP 100432-0	Cambium PTP 600 Series Point to Point Wireless Ethernet Bridges (Hardware Versions: P/Ns BP5830BHC, BP5830BHC15, BP5530BHC, BP5530BHC15, WB2781, WB3039, WB3037, WB3092, WB3094, WB3387, WB3389, WB3222, BP5830BH, BP5830BH15, BP5530BH, BP5530BH15, WB2780, WB3036, WB3038, WB3091, WB3093, WB3386, WB3388 and WB3221; with P/N WB3593 (HW Security Upgrade Kit); Firmware Versions: PTP600-10-00-FIPS and PTP600-10-05-FIPS) (When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	02/08/2013; 02/22/2013	Overall Level: 2  -Cryptographic Module Specification: Level 3 -Roles, Services, and Authentication: Level 3 -Design Assurance: Level 3 -FIPS-approved algorithms: SHS (Cert. #1101); DSA (Cert. #569); AES (Certs. #708 and #1144); DRBG (Cert. #21); HMAC (Cert. #1070); Triple-DES (Cert. #863) -Other algorithms: MD5; RSA (key wrapping; key establishment methodology provides 80 bits of encryption strength) Multi-chip standalone "The 600 Series of Point-to-Point wireless Ethernet bridges operates in the 2.5, 4.5, 4.8, 4.9, 5.4, 5.8 and 5.9 GHz spectrum, offering high performance Ethernet and TDM connectivity in line-of-sight and non-line-of-sight environments. PTP 600 links have class-leading sensitivity and power output, supporting data rates up to 300 Mbps and range up to 124 miles. This series of secure wireless bridges makes cost-effective connectivity and backhaul a reality for a wide range of enterprises, service providers, utilities, transportation agencies and public safety organizations."
1886	Comtech EF Data Corporation 2114 West 7th Street Tempe, AZ 85281 USA -Wallace Davis TEL: 480-333-2189 CST Lab: NVLAP 200427-0	DMD2050E TRANSEC Module (Hardware Version: PL-0000192-1, Revision A; Firmware Version: 1.2.1) (When operated in FIPS mode) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	02/08/2013	Overall Level: 2  -FIPS-approved algorithms: AES (Certs. #2025 and #2026); ECDSA (Cert. #296); HMAC (Cert. #1228); RNG (Cert. #1061); RSA (Cert. #1053); SHS (Cert. #1775); Triple-DES (Cert. #1309) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides 80 or 112 bits of encryption strength);RSA (key transport; key establishment methodology provides 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 and 256-bits of encryption strength); MD5 Multi-chip embedded "The Comtech EF Data FIPS Security Module features an FPGA to perform bulk encryption/decryption for Ethernet data traffic via the DMD2050E Satellite Modem, as well as firmware to provide the cryptographic functions needed to act as an endpoint for TLS and SSH management, and control traffic."
1885	Curtiss-Wright Controls Defense Solutions 2600 Paramount Place, Suite 200 Fairborn, OH 45324 USA -Paul Davis TEL: 937-252-560 FAX: 937-252-2729 -Matt Young TEL: 937-252-2729 FAX: 937-252-2729 CST Lab: NVLAP 200427-0	3U VPX-1TB FSM Flash Storage Module (Hardware Versions: RHFS-3UR1024-F, RHFS-3UJ1024-F; Firmware Version: 1.11) (When operated in FIPS mode) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	02/08/2013	Overall Level: 2  -Cryptographic Module Specification: Level 3 -Roles, Services, and Authentication: Level 3 -Design Assurance: Level 3 -FIPS-approved algorithms: AES (Certs. #250 and #1978); DRBG (Cert. #180); HMAC (Cert. #1191); SHS (Cert. #1732) -Other algorithms: TRNG Multi-chip embedded "The Flash Storage Module (FSM) AES cryptographic engine uses 256-bit encryption keys and performs real-time encryption of all data written to or read from solid state drives. The FSM cryptographic engines provides maximum data-at-rest security in commercial and military applications."
1884	Totemo AG Freihofstrasse 22 Küsnacht, CH-8700 Switzerland -Marcel Mock TEL: +41 44 914 99 00 -Daniel Raap TEL: +41 44 914 99 00 CST Lab: NVLAP 200928-0	Totemo Cryptographic Module (TCM) (Software Version: 2.0) (When operated in FIPS mode. No assurance of module integrity when operating in non-FIPS mode) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate Vendor Product Link	Software	02/08/2013	Overall Level: 1  -Operational Environment: Tested as meeting Level 1 with Totemo Appliance OS 2.0 v0711 with JRE 7.0 running on a Apligo NSA 7110 (single-user mode) -FIPS-approved algorithms: AES (Cert. #2059); Triple-DES (Cert. #1326); DSA (Cert. #652); RSA (Cert. #1071); ECDSA (Cert. #302); SHS (Cert. #1800); DRBG (Cert. #206); HMAC (Cert. #1252) -Other algorithms: AES (Cert. #2059, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); Triple-DES (Cert. #1326, key wrapping; key establishment methodology provides 80 or 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength); ECMQV (key agreement; key establishment methodology provides 112 bits of encryption strength) Multi-chip standalone "The Totemo Cryptographic Module supplies the cryptographic services required by the Totemo Security Platform (TSP) and the Totemo products which provides secure email, file transfer, and mobile messaging solutions. These solutions secure all types of communication without any infrastructure prerequisites."
1883	SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA -Andrew Young TEL: 443-327-1183 FAX: 410-931-7524 -Chris Brych TEL: 613-221-5081 FAX: 613-723-5079 CST Lab: NVLAP 100432-0	eToken 5100, 5105, 5200 and 5205 (Hardware Versions: eToken 5100, eToken 5105, eToken 5200 and eToken 5205; Firmware Version: Athena IDProtect 0106.0113.2109 with SafeNet eToken Applet Suite 1.2.9) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	02/08/2013; 02/15/2013	Overall Level: 3  -FIPS-approved algorithms: AES (Cert. #1654); RSA (Cert. #824); Triple-DES (Cert. #1087); Triple-DES MAC (Triple-DES Cert. #1087, vendor affirmed); DRBG (Cert. #98); SHS (Cert. #1465) -Other algorithms: HW RNG; AES-CMAC (non-compliant); AES (Cert. #1654, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength) Single-chip "SafeNet eToken is a portable two-factor USB authenticator with advanced smart card technology. It utilizes certificate based technology to generate and store credentials, such as private keys, passwords and digital certificates inside the protected environment of the smart card chip. To authenticate, users must supply both their personal SafeNet authenticator and password, providing a critical second level of security beyond simple passwords to protect valuable digital business resources."
1882	Entrust, Inc. One Lincoln Centre 5400 LBJ Freeway Suite 1340 Dallas, TX 75240 USA -Jim Feeley TEL: 613-270-3198 FAX: 613-270-2505 CST Lab: NVLAP 100432-0	Entrust IdentityGuard PIV Credential (Hardware Version: SCHW 1.0; Firmware Version: SCOS 1.0 with Entrust IdentityGuard PIV Applet 1.0.1 Patch 172799) (PIV Card Application: Cert. #33) (When operated in FIPS mode with PIN policies configured as indicated in the Security Policy Section 9) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	02/08/2013	Overall Level: 2  -Cryptographic Module Specification: Level 3 -Roles, Services, and Authentication: Level 3 -Physical Security: Level 4 -EMI/EMC: Level 3 -Design Assurance: Level 3 -FIPS-approved algorithms: RNG (Cert. #942); Triple-DES (Cert. #1144); Triple-DES MAC (Triple-DES Cert. #1144, vendor affirmed); AES (Cert. #1769); RSA (Cert. #885); ECDSA (Cert. #237); CVL (Cert. #5) -Other algorithms: HW RNG; RSA (key wrapping; key establishment methodology provides between 80 and 112 bits of encryption strength); AES (Cert. #1769, key wrapping; key establishment methodology provides 256 bits of encryption strength); Triple-DES (Cert. #1144, key wrapping; key establishment methodology provides 112 bits of encryption strength) Single-chip "The Entrust IdentityGuard PIV Credential is a cryptographic module intended for use by US Federal agencies and other markets that require smartcards conformant with the PIV standards. The module can also be configured for use in markets where the set of keys and data objects, or the access control rules governing their use, differ from the PIV data model."
1881	WinMagic Inc. 200 Matheson Boulevard West Suite 201 Mississauga, ON L5R 3L7 Canada -Alexander Mazuruc TEL: 905-502-7000 ext. 225 FAX: 905-502-7001 CST Lab: NVLAP 200928-0	SecureDoc® Disk Encryption Cryptographic Engine for MacOS X (Software Version: 6.1) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate Vendor Product Link	Software	02/04/2013	Overall Level: 1  -Roles, Services, and Authentication: Level 2 -EMI/EMC: Level 3 -Design Assurance: Level 3 -Operational Environment: Tested as meeting Level 1 with Mac OS X 10.7 Lion 32-bit running on a MacBook Pro; Mac OS X 10.7 Lion 64-bit running on a MacBook Pro (single-user mode) -FIPS-approved algorithms: AES (Certs. #1924 and #1925); SHS (Cert. #1690); RNG (Cert. #1012); HMAC (Cert. #1159) -Other algorithms: AES (Certs. #1924 and #1925, key wrapping) Multi-chip standalone "SecureDoc® Disk Encryption Cryptographic Engine for MacOS X provides cryptographic services and key management for the SecureDoc® Disk Encryption products running on MacOS X platform. The module employs PKCS-11 cryptographic standard to deliver full disk and removable media encryption on Apple computers and laptops."
1880	WinMagic Inc. 200 Matheson Boulevard West Suite 201 Mississauga, ON L5R 3L7 Canada -Alexander Mazuruc TEL: 905-502-7000 ext. 225 FAX: 905-502-7001 CST Lab: NVLAP 200928-0	SecureDoc® Disk Encryption Cryptographic Engine for Windows (Software Version: 6.1) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate Vendor Product Link	Software	02/04/2013	Overall Level: 1  -Roles, Services, and Authentication: Level 2 -EMI/EMC: Level 3 -Design Assurance: Level 3 -Operational Environment: Tested as meeting Level 1 with Microsoft Windows 7 32-bit running on an Acer Aspire 7745G Intel Core i7, Microsoft Windows 7 32-bit running on a Lenovo ThinkPad T420 Intel Core i5 with AES-NI, Microsoft Windows 7 64-bit running on an Acer Aspire 7745G Intel Core i7, Microsoft Windows 7 64-bit running on a Lenovo ThinkPad T420 Intel Core i5 with AES-NI (single-user mode) -FIPS-approved algorithms: AES (Certs. #1924 and #1925); SHS (Cert. #1690); RNG (Cert. #1012); HMAC (Cert. #1159) -Other algorithms: AES (Certs. #1924 and #1925, key wrapping) Multi-chip standalone "SecureDoc® Disk Encryption Cryptographic Engine for Windows provides cryptographic services and key management for the SecureDoc® Disk Encryption products running on Windows platform. The module employs PKCS-11 cryptographic standard to deliver full disk encryption and other data protection solutions for General Purpose Computers, laptops and removable media."
1879	TechGuard Security 28 Hawk Ridge Circle Suite 107 Lake St. Louis, MO 63367 USA -David Maestas TEL: 636-489-2230 CST Lab: NVLAP 200002-0	PoliWall-CCF M10 [1], M50 [2], G01 [3] and G10 [4] Series Security Appliance (Hardware Versions: PW-CCF-M10-01C [1], PW-CCF-M50-01C [2], PW-CCF-G01-01C [3], PW-CCF-G01-01F [3], PW-CCF-G10-01X [4] and PW-CCF-G10-01F [4] with FIPS Kits: (PW-CCF-M10-FK1 [1,2], PW-CCF-G01-FK1 [3] and PW-CCF-G10-FK1 [4]); Software Version: 2.02.3101) (When operated in FIPS mode) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate Vendor Product Link	Hardware	02/04/2013	Overall Level: 2  -Design Assurance: Level 3 -FIPS-approved algorithms: AES (Certs. #1600 and #1601); RSA (Cert. #782); RNG (Cert. #857); SHS (Certs. #1412 and #1413) -Other algorithms: DES; MD5; Diffie-Hellman (key agreement; key establishment methodology provides 112 or 128 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 80 and 128 bits of encryption strength; non-compliant less than 80 bits of encryption strength) Multi-chip standalone "The TechGuard Security PoliWall is a network boundary device that rapidly determines the country of origin for all incoming packets using HIPPIE (High-speed Internet Protocol Packet Inspection Engine) technology. Packets are filtered according to defined policies, exception lists, and Pre-Compiled Exception Lists (PCEL) that are bound to rule groups for specific network addresses and protocols. PoliWall also provides administrators with the ability to create maps which exclude traffic from selected countries."
1878	Mocana Corporation 350 Sansome Street Suite 1010 San Francisco, CA 94104 USA -James Blaisdell TEL: 415-617-0055 FAX: 415-617-0056 CST Lab: NVLAP 100432-0	Mocana Cryptographic Suite B Module (Software Version: 5.5f) (When operated in FIPS mode) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Software	01/31/2013; 03/28/2013	Overall Level: 1  -Operational Environment: Tested as meeting Level 1 with Android 2.2 running on a LG Optimus 3D (LG-P920); Android 2.3 running on a LG G2X (LG-P999); Android 4.0 running on a Samsung Nexus-S (GT-I9023); Android 4.1 running on a LG Optimus (LG-P920); Ubuntu Linux 32 bit running on a Dell Dimension 9200; Ubuntu Linux 64 bit running on a Dell Dimension 9200 (single-user mode) -FIPS-approved algorithms: AES (Certs. #2039 and #2272); Triple-DES (Cert. #1316); SHS (Cert. #1785); HMAC (Cert. #1238); RSA (Cert. #1059); DSA (Cert. #647); ECDSA (Cert. #298); RNG (Cert. #1065); DRBG (Cert. #201) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides 80 or 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 80 and 128 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 256 bits of encryption strength); DES; Blowfish; ARC2; ARC4; MD2; MD4; MD5; HMAC-MD5; AES EAX (non-compliant); AES XCBC (non-compliant); RSA (encrypt/decrypt) Multi-chip standalone "The Mocana Cryptographic Module is the engine of Mocana's Device Security Framework - a software framework that secures all aspects of a system. The Device Security Framework helps applications and device designers reduce development costs and dramatically enhance cryptographic performance. For details see www.mocana.com."
1877	Palo Alto Networks 3300 Olcott Street Santa Clara, CA 95054 USA -Jake Bajic TEL: 408-753-3901 FAX: 408-753-4001 CST Lab: NVLAP 100432-0	PA-500, PA-2000 Series, PA-4000 Series, and PA-5000 Series Firewalls (Hardware Versions: HW P/Ns 910-000006-00H Rev. H with FIPS Kit P/N 920-000005-004 Rev. 4 (PA-500), 910-000004-00Q Rev. Q with FIPS Kit P/N 920-000004-004 Rev. 4 (PA-2020), 910-000003-00Q Rev. Q with FIPS Kit P/N 920-000004-004 Rev. 4 (PA-2050), 910-000002-00U Rev. U with FIPS Kit P/N 920-000003-001 Rev. 1 (PA-4020), HW P/N 910-000001-00U Rev. U with FIPS Kit P/N 920-000003-001 Rev. 1 (PA-4050), 910-000005-00L Rev. L with FIPS Kit P/N 920-000003-001 Rev. 1 (PA-4060), 910-000010-008 Rev. 8 w/ FIPS Kit P/N 920-000037-002 Rev. 2 (PA-5020), 910-000009-009 Rev. 9 w/ FIPS Kit P/N 920-000037-002 Rev. 2 (PA-5050) and 910-000008-008 Rev. 8 w/ FIPS Kit P/N 920-000037-002 Rev. 2 (PA-5060); Firmware Version: 4.0.10 or 4.0.12-h2) (When operated in FIPS mode and with the tamper evident seals and opacity shields installed as indicated in the Security Policy) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	01/30/2013	Overall Level: 2  -Cryptographic Module Specification: Level 3 -Roles, Services, and Authentication: Level 3 -Design Assurance: Level 3 -FIPS-approved algorithms: AES (Cert. #1987); RSA (Cert. #1031); HMAC (Cert. #1201); SHS (Cert. #1743); RNG (Cert. #1044) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength); NDRNG; MD5; RC4; Camellia; RC2; SEED; DES Multi-chip standalone "The Palo Alto Networks PA-500, PA-2000 Series, PA-4000 Series, and PA-5000 Series firewalls are multi-chip standalone modules that provide network security by enabling enterprises to see and control applications, users, and content using three unique idenification technologies: App-ID, User-ID, and Content-ID. These identification technologies enable enterprises to create business-relevant security policies - safely enabling organizations to adopt new applications."
1876	Apricorn Inc. 12191 Kirkham Road Poway, CA 92064 USA -Robert Davidson TEL: 858-513-4430 FAX: 858-513-2020 CST Lab: NVLAP 100432-0	Apricorn Aegis Secure Key (Hardware Versions: ASK-256-4GB [1], ASK-256-8GB [2], ASK-256-16GB [3] and ASK-256-32GB [4]; Firmware Versions: V01.12A13-F05 and V01.12A14-F05 20120817 [1], V01.12A13-F04 and V01.12A14-F05 20120817 [2], V01.12A15 Code Package-111130 and V01.12A14-F05 20120817 [3] and V01.12A14-F05 20120817 [4] with Security Controller Firmware Revision iStorage v6 [1] [2] [3] and iStorage v12 [1] [2] [3] [4]) (Tamper evidence determined as indicated in the Security Policy, Physical Security Policy section) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	01/30/2013 03/08/2013; 03/28/2013	Overall Level: 3  -FIPS-approved algorithms: AES (Cert. #1514); SHS (Cert. #1728); DRBG (Cert. #177) -Other algorithms: NDRNG Multi-chip standalone "The Apricorn Aegis Secure Key is a self-authenticating and self-encrypting secure USB flash drive based on DATALOCK® technology. The Apricorn Aegis Secure Key uses full-disk hardware based AES 256 bit encryption in CBC mode. The unit is not dependent on any host software and drivers. By design it is OS/Host independent and agnostic to any operating system (Win, Mac, Linux, Chrome, Android, Symbian, etc.), computer, or embedded device that supports the standard mass storage class (USB/USB OTG)."
1875	Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA -Palani Karuppan TEL: 408-525-2747 CST Lab: NVLAP 100432-0	Cisco Catalyst 6506, 6506-E, 6509, and 6509-E Switches with Wireless Services Modules (WiSMs) (Hardware Versions: Chassis: Catalyst 6506 switch [1], Catalyst 6506-E switch [2], Catalyst 6509 switch [3] and Catalyst 6509-E switch [4]; Backplane: WS-C6506 [1], WS-C6506-E [2], WS-C6509 [3] and WS-C6509-E [4]; FIPS Kit: P/N 800-27009 [1, 2] and P/N 800-26335 [3, 4]; Supervisor Blade [1, 2, 3, 4]: [WS-SUP720-3BXL or WS-SUP720-3B] and WiSM: WS-SVC-WISM-1-K9; Firmware Versions: Supervisor Blade: Cisco IOS Release 12.2.33-SXI3 or Cisco IOS Release 12.2.33-SXH5; WiSM: 7.0.230.0) (When operated in FIPS mode and with the physical security devices installed as indicated in the Security Policy) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	01/25/2013	Overall Level: 2  -Design Assurance: Level 3 -FIPS-approved algorithms: AES (Certs. #1344 and #1345); HMAC (Certs. #783 and #784); RNG (Cert. #740); RSA (Certs. #651 and #652); SHS (Certs. #1226 and #1227); Triple-DES (Cert. #934) -Other algorithms: RSA (key wrapping; key establishment methodology provides 96 bits of encryption strength); AES (Cert. #1344, key wrapping; key establishment methodology provides 128 bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength); RC4; MD5; HMAC MD5; AES-CTR (non-compliant); CCKM Multi-chip standalone "The Cisco Catalyst 6506, 6506-E, 6509, and 6509-E Switches with WiSM WLAN Controller deliver centralized control and high capacity for medium to large-scale Enterprise wireless LAN networks. In FIPS 140-2 mode of operation, the Cisco WiSM Controller supports the IEEE 802.11i & 802.1x standards, IETF CAPWAP standard and supports a Secure Wireless Architecture with certified WiFi Alliance WPA-2 security. The Cisco WiSM Controller supports voice, video and data services along with Cisco Clean Air technology, IPv6 mobility, intrusion protection and intelligent radio resource management."
1874	Ultra Stereo Labs, Inc. 181 Bonetti Drive San Luis Obispo, CA 93401 USA -Larry McCrigler TEL: 805-549-0161 FAX: 805-549-0163 CST Lab: NVLAP 100432-0	IMB-1000 HFR and IMB-1200 HFR Secure Media Blocks (Hardware Versions: Rev. 11 and 12; Firmware Version: 08162012) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	01/18/2013	Overall Level: 2  -Cryptographic Module Specification: Level 3 -Cryptographic Module Ports and Interfaces: Level 3 -Roles, Services, and Authentication: Level 3 -Physical Security: Level 3 -Cryptographic Key Management: Level 3 -Design Assurance: Level 3 -FIPS-approved algorithms: AES (Certs. #1459, #1460 and #1964); HMAC (Certs. #856 and #857); SHS (Certs. #1320 and #1321); RNG (Cert. #798); RSA (Cert. #712); CVL (SP 800-135rev1, vendor affirmed) -Other algorithms: RSA (key wrapping, key establishment methodology provides 112 bits of encryption strength); NDRNG; MD5; TI S-BOX; EC Diffie-Hellman; DCI Multi-chip embedded "The Image Media Block is a type of Secure Processing Block that contains a Security Manager, Image, Audio and Subtitle Media Decryptors, Image decoder, Image and Audio Forensic Marking (FM) and optional Link Encoder. It is used for playback of encrypted movie content in commercial cinemas."
1873	iStorage Limited Research House Fraser Road Greenford, Middlesex UB6 7AQ England -John Michael TEL: +44 20 8537-3435 FAX: +44 20 8537-3438 CST Lab: NVLAP 100432-0	datAshur Secure USB Flash Drive (Hardware Versions: IS-FL-DA-256-4 [1], IS-FL-DA-256-8 [2], IS-FL-DA-256-16 [3] and IS-FL-DA-256-32 [4]; Firmware Versions: V01.12A13-F05 and V01.12A14-F05 20120817 [1], V01.12A13-F04 and V01.12A14-F05 20120817 [2], V01.12A15 Code Package-111130 and V01.12A14-F05 20120817 [3] and V01.12A14-F05 20120817 [4] with Security Controller Firmware Revision iStorage v6 [1] [2] [3] and iStorage v12 [1] [2] [3] [4]) (Tamper evidence determined as indicated in the Security Policy, Physical Security Policy section) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	01/08/2013; 01/24/2013; 03/28/2013	Overall Level: 3  -FIPS-approved algorithms: AES (Cert. #1514); SHS (Cert. #1728); DRBG (Cert. #177) -Other algorithms: NDRNG Multi-chip standalone "The iStorage datAshur is a self-authenticating and self-encrypting secure USB flash drive based on DATALOCK® technology licensed from ClevX, LLC. datAshur uses full-disk hardware based AES 256 Bit encryption in CBC mode. The unit is not dependent on any host software and drivers. By design it is OS/Host independent and agnostic to any operating system (Win, Mac, Linux, Chrome, Android, Symbian, etc.), computer, or embedded device that supports the standard mass storage class (USB/USB OTG). datAshur supports a single encrypted private partition available to the user when unlocked."
1872	McAfee, Inc. 2340 Energy Park Drive St. Paul, MN 55108 USA -Mark Hanson TEL: 651-628-1633 FAX: 651-628-2701 CST Lab: NVLAP 200556-0	McAfee Firewall Enterprise 4150F (Hardware Version: NSA-4150-FWEX-FRR and FIPS Kit: SAC-4150F-FIPS-KT; Firmware Version: 7.0.1.03 and 8.2.0) (When operated in FIPS mode with the tamper evident seals and opacity baffles installed and initializing the module as specified in Section 3.1.1 of the Security Policy) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	01/08/2013	Overall Level: 2  -FIPS-approved algorithms: AES (Certs. #972, #973, #974 and #1833); Triple-DES (Certs. #765, #766, #767 and #1185); SHS (Certs. #941, #942, #943 and #1612); HMAC (Certs. #544, #545, #546 and #1086); RNG (Certs. #549, #550, #551 and #964); RSA (Certs. #469 and #470); DSA (Certs. #338 and #339) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides 80 or 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 80 and 150 bits of encryption strength); CAST-128; RC2; RC4; MD2; MD5; DES; EC Diffie-Hellman (key agreement;non-compliant) Multi-chip standalone "McAfee Firewall Enterprise solutions provide unmatched protection for the enterprise in the most mission-critical and sensitive environments. McAfee Firewall Enterprise appliances are created to meet the specific needs of organizations of all types and enable those organizations to reduce costs and mitigate the evolving risks that threaten today's networks and applications."
1871	McAfee, Inc. 2340 Energy Park Drive St. Paul, MN 55108 USA -Mark Hanson TEL: 651-628-1633 FAX: 651-628-2701 CST Lab: NVLAP 200556-0	McAfee Firewall Enterprise 2150F (Hardware Version: NSA-2150-FWEX-F and FIPS Kit: SAC-2150F-FIPS-KT; Firmware Version: 7.0.1.03 and 8.2.0) (When operated in FIPS mode with the tamper evident seals and opacity baffles installed and initializing the module as specified in Section 3.1.1 of the Security Policy) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	01/08/2013	Overall Level: 2  -FIPS-approved algorithms: AES (Certs. #972, #973, #974 and #1833); Triple-DES (Certs. #765, #766, #767 and #1185); SHS (Certs. #941, #942, #943 and #1612); HMAC (Certs. #544, #545, #546 and #1086); RNG (Certs. #549, #550, #551 and #964); RSA (Certs. #469 and #470); DSA (Certs. #338 and #339) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides 80 or 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 80 and 150 bits of encryption strength); CAST-128; RC2; RC4; MD2; MD5; DES; EC Diffie-Hellman (key agreement; non-compliant) Multi-chip standalone "McAfee Firewall Enterprise solutions provide unmatched protection for the enterprise in the most mission-critical and sensitive environments. McAfee Firewall Enterprise appliances are created to meet the specific needs of organizations of all types and enable those organizations to reduce costs and mitigate the evolving risks that threaten today's networks and applications."
1870	McAfee, Inc. 2340 Energy Park Drive St. Paul, MN 55108 USA -Mark Hanson TEL: 651-628-1633 FAX: 651-628-2701 CST Lab: NVLAP 200556-0	McAfee Firewall Enterprise 1100F (Hardware Version: NSA-1100-FWEX-F and FIPS Kit: SAC-1100F-FIPS-KT; Firmware Version: 7.0.1.03 and 8.2.0) (When operated in FIPS mode with the tamper evident seals and opacity baffles installed and initializing the module as specified in Section 3.1.1 of the Security Policy) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	01/08/2013	Overall Level: 2  -FIPS-approved algorithms: AES (Certs. #972, #973, #974 and #1833); Triple-DES (Certs. #765, #766, #767 and #1185); SHS (Certs. #941, #942, #943 and #1612); HMAC (Certs. #544, #545, #546 and #1086); RNG (Certs. #549, #550, #551 and #964); RSA (Certs. #469 and #470); DSA (Certs. #338 and #339) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides 80 or 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 80 and 150 bits of encryption strength); CAST-128; RC2; RC4; MD2; MD5; DES; EC Diffie-Hellman (key agreement; non-compliant) Multi-chip standalone "McAfee Firewall Enterprise solutions provide unmatched protection for the enterprise in the most mission-critical and sensitive environments. McAfee's Firewall Enterprise appliances are created to meet the specific needs of organizations of all types and enable those organizations to reduce costs and mitigate the evolving risks that threaten today's networks and applications."
1868	Bomgar Corporation 578 Highland Colony Parkway Paragon Centre, Suite 300 Ridgeland, MS 39157 USA -Main Office TEL: 601-519-0123 FAX: 601-510-9080 -Stella Kwon TEL: 703-736-8363 FAX: 601-510-9080 CST Lab: NVLAP 200002-0	B200™, B300™ and B400™ Remote Support Appliances (Hardware Versions: B200 [1], B300r1 [2] and B400r1 [3]; Tamper Evident Label Kit: TEL135325 [1,2,3]; Front Bezels: (FB000300 [2] and FB000400 [3]); Software Version: 12.1.6FIPS; Firmware Version: 3.3.2FIPS) (When operated in FIPS mode and with the tamper evident labels and front bezels applied as indicated in the Security Policy) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	01/15/2013	Overall Level: 2  -FIPS-approved algorithms: AES (Cert. #2219); Triple-DES (Cert. #1389), RSA (Cert. #1136), SHS (Cert. #1910); HMAC (Cert. #1350); RNG (Cert. #1113) -Other algorithms: RSA (key wrapping; key establishment methodology provides between 80 and 150 bits of encryption strength); RC4; RC4-40; DES; DES-40; MD5 Multi-chip standalone "Bomgar Remote Support Appliances provide technicians secure remote control of devices over the internet/LAN/WAN. Bomgar allows collaborative remote support to various operating systems, including desktops, servers, mobile and network devices. In addition, Bomgar provides extensive auditing and recording of support sessions."
1864	Cambium Networks, Ltd. Unit B2, Linhay Business Park Ashburton, Devon TQ13 7UP UK -Mark Thomas TEL: +44 1364 655586 FAX: +44 1364 655500 CST Lab: NVLAP 100432-0	Cambium Networks PTP 800 Compact Modem Unit (CMU) (Hardware Versions: P/N WB3517, Versions 5.2, 5.3 and 6.6; Firmware Version: PTP 800-05-02) (When operated in FIPS mode) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	02/04/2013; 02/22/2013	Overall Level: 1  -Cryptographic Module Specification: Level 3 -Roles, Services, and Authentication: Level 3 -Design Assurance: Level 3 -FIPS-approved algorithms: SHS (Cert. #1557); DSA (Cert. #556); AES (Certs. #1776 and #1526); DRBG (Cert. #123); Triple-DES (Cert. #1149); HMAC (Cert. #1041) -Other algorithms: RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength); RADIUS; MD5; Custom RNG Multi-chip standalone "Operating in the 6 to 38 GHz RF bands at up to 368 Mbps throughput (full duplex) and with user-configured channel bandwidths from 7 to 56 MHz, the Cambium Networks Point-to-Point 800 Series of Licensed Ethernet Microwave solutions offer operators a highly reliable licensed band wireless solution."
1862	Seagate Technology LLC 1280 Disc Drive Shakopee, MN 55379 USA -David R Kaiser, PMP TEL: 952-402-2356 FAX: 952-402-1273 CST Lab: NVLAP 200427-0	Seagate Secure® TCG Enterprise SSC Pulsar.2 Self-Encrypting Drive FIPS 140 Module (Hardware Version: 1BU282; Firmware Version: 0003) (When operated in FIPS mode) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	01/07/2013; 01/25/2013	Overall Level: 2  -EMI/EMC: Level 3 -FIPS-approved algorithms: AES (Certs. #1811 and #1343); DRBG (Cert. #62); RSA (Cert. #650); SHS (Cert. #1225) -Other algorithms: N/A Multi-chip embedded "The Seagate Secure« Enterprise Self-Encrypting Drives FIPS 140 Module is embodied in the Seagate Pulsar.2 SED model disk drive. These products meet the performance requirements of the most demanding Enterprise applications. The cryptographic module (CM) provides a wide range of cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, instantaneous user data disposal with cryptographic erase, independently controlled and protected user data LBA bands and authenticated FW download."
1860	CMS Products 12 Mauchly Unit E Irvine, CA 92618 USA -Les Kristof TEL: 714-424-5521 FAX: 949-754-9060 CST Lab: NVLAP 100432-0	CE Secure (Hardware Versions: P/Ns CE-HDDFIPS-500, CE-HDDFIPS-320 and CE-HDDFIPS-250; Firmware Version: 0001SDM7) (When operated in FIPS mode) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	01/25/2013	Overall Level: 2  -EMI/EMC: Level 3 -FIPS-approved algorithms: AES (Certs. #1343 and #1845); DRBG (Cert. #62); RSA (Cert. #650); SHS (Cert. #1225) -Other algorithms: NDRNG Multi-chip embedded "The CE Secure CE-HDDFIPS is a Self Encrypting Drive used in CMS Products' line of external secure storage devices. All data on the secure storage device is protected with state of the art hardware encryption."
1855	Nexus Wireless Artists Court 15 Manette Street London, W1D 4AP United Kingdom -Paul Richards TEL: +44-207-734-0200 FAX: +44-207-734-0210 CST Lab: NVLAP 200416-0	Nexus FIPS 140-2 Crypto Module (Hardware Version: 1.01; Firmware Versions: ES0408_RL01_R1_02_001 version 1.02.001 and ES0408_RL02_R1_02_000 version 1.02.000) (When operated in FIPS mode) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	01/18/2013	Overall Level: 1  -FIPS-approved algorithms: AES (Cert. #914); DSA (Cert. #337); SHS (Certs. #901 and #928); HMAC (Cert. #533); RNG (Cert. #524) -Other algorithms: DES; AES MAC (AES Cert. #914, vendor affirmed; P25 AES OTAR) Multi-chip embedded "The Nexus FIPS140-2 Crypto Module is a single-board security module designed to conform to FIPS140-2 standards and primarily intended for use in P25 radio equipment. The module supports both KFD and KMF management implementations, including a dedicated 3-wire KFD interface. It includes a complete key storage and critical security material management function for TEK, KEK, UKEK, CKEK and KSKEK keys in non-volatile memory within the FIPS module, with protection from unauthorized disclosure or modification. The FIPS Module executes encryption and decryption of P25 Phase 1 voice and data tra"
1840	Aruba Networks, Inc. 1322 Crossman Avenue Sunnyvale, CA 94089 USA -Jon Green TEL: 408-227-4500 CST Lab: NVLAP 200427-0	Aruba 3000 [1] and 6000/M3 Revision B2 [2] Controllers with ArubaOS FIPS Firmware (Hardware Versions: [3200-F1 Revision B2, 3400-F1 Revision B2, 3600-F1 Revision B2, 3200-USF1 Revision B2, 3400-USF1 Revision B2, 3600-USF1 Revision B2] [1] and [(6000-400-F1 or 6000-400-USF1) with (M3mk1-S-F1 Revision B2, LC-2G-1, LC-2G24F-1, LC-2G24FP-1, HW-FT, HW-PSU-200 or HW-PSU-400] [2] with FIPS kit 4010061-01; Firmware Version: ArubaOS_MMC_6.1.2.3-FIPS or ArubaOS_MMC_6.1.4.1-FIPS) (When operated in FIPS mode with tamper evident labels installed as indicated in the Security Policy clause "Installing the Controller" and the 6000/M3 configured as specified in Security Policy clause "Minimum Configuration for the Aruba 6000-400") Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Hardware	02/11/2013; 03/08/2013	Overall Level: 2  -FIPS-approved algorithms: AES (Certs. #465, #1850 and #1854); ECDSA (Certs. #257 and #258); HMAC (Certs. #416, #1098 and #1101); RNG (Certs. #969 and #972); RSA (Certs. #933, #935 and #937); SHS (Certs. #768, #1627, #1629 and #1631); Triple-DES (Certs. #482, #1198 and #1201) -Other algorithms: DES; HMAC-MD5; MD5; RC4; Diffie-Hellman (key agreement; key establishment methodology provides 80 bits of encryption strength; non-compliant less than 80-bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 and 192 bits of encryption strength); RSA (key wrapping; key establishment methodology provides 80 bits of encryption strength) Multi-chip standalone "Aruba's family of Mobility Controllers are network infrastructure devices providing secure, scalable solutions for enterprise Wi-Fi, network security policy enforcement, VPN services, and wireless intrusion detection and prevention. Mobility controllers serve as central points of authentication, encryption, access control, and network coordination for all mobile network services"
1833	Motorola Solutions, Inc. One Motorola Plaza Holtsville, NY 11742 USA -Bert Scaramozzino TEL: 631-738-3215 FAX: 631-738-4164 CST Lab: NVLAP 200968-0	Fusion 802.1x Authentication Supplicant (Software Version: H_3.40.0.0.19) (When operated in FIPS mode. No assurance of module integrity when operating in non-FIPS mode) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Software	01/07/2013	Overall Level: 1  -Operational Environment: Tested as meeting Level 1 with Motorola ES400 with Windows Mobile 6.5 OS OEM Version 2.31.0002; Motorola MC65 with Windows Mobile 6.5 OS OEM Version 2.31.0002 (single-user mode) -FIPS-approved algorithms: Triple-DES (Cert. #1200); AES (Cert. #1853); SHS (Cert. 1630); HMAC (Cert. #1100); RSA (Cert. #936); DSA (Cert. #578); RNG (Cert. #971) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides 80 or 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides 80 or 112 bits of encryption strength); DES; RC4; RC2; MD5; CCKM; IDEA; SMS4 Multi-chip standalone "Motorola Fusion 802.1x Authentication Supplicant is a component of Motorola Wireless Mobile Computing devices that are equipped with a WLAN radio. These devices are used for business process automation applications in a number of vertical markets like retail, manufacturing, transportation, health and government"
1825	TIBCO LogLogic®, Inc. 110 Rose Orchard Way Suite 200 San Jose, CA 95134 USA -Thor Taylor TEL: (408) 215-5941 -Phuong Hoang TEL: (408) 731-7022 CST Lab: NVLAP 200928-0	LogLogic Communications Cryptographic Module (Software Version: 1.0) (When operated in FIPS mode) Validated to FIPS 140-2 Security Policy Consolidated Validation Certificate	Software	01/25/2013	Overall Level: 1  -Operational Environment: Tested as meeting Level 1 with Oracle Enterprise Linux 5.6 running on LX 820, LX 1020, ST 1020, LX 4020, ST 1020, ST 2020-SAN, ST 4020 and MX 3020 appliances (single-user mode) -FIPS-approved algorithms: AES (Cert. #1926); SHS (Cert. #1691); HMAC (Cert. #1160); RNG (Cert. #1013) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength) Multi-chip standalone "The LogLogic Communications Cryptographic Module establishes a secure, encrypted tunnel between LogLogic products for the secure transmission of log data."

Need Assistance?