Module Name

IBM Security Network Intrusion Prevention System Version 4.6.2

Standard

FIPS 140-2

Status

Active

Sunset Date

3/6/2021

Validation Dates

03/07/2016

Overall Level

2

Caveat

When installed, initialized and configured as specified in the Security Policy Section 3. The module generates cryptographic keys whose strengths are modified by available entropy

Security Level Exceptions

• Mitigation of Other Attacks: N/A

Module Type

Hardware

Embodiment

Multi-Chip Stand Alone

Description

The Network Intrusion Prevention System (NIPS) automatically blocks malicious attacks while preserving network bandwidth and availability. The appliances are purpose-built, Layer 2 network security appliances that you can deploy either at the gateway or the network to block intrusion attempts, denial of service (DoS) attacks, malicious code, backdoors, spyware, peer-to-peer applications, and a growing list of threats without requiring extensive network reconfiguration.

Tested Configuration(s)

• N/A

FIPS Algorithms

AES	Certs. #3204 and #3210
DRBG	Certs. #679 and #682
ECDSA	Certs. #588 and #591
HMAC	Certs. #2018 and #2023
RSA	Certs. #1633 and #1635
SHS	Certs. #2651 and #2657
Triple-DES	Certs. #1825 and #1827

Other Algorithms

RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength); NDRNG

Hardware Versions

GX4004, GX5008C, GX5008SFP, GX5208C, GX5208SFP, GX7412 and GX7800 with Tamper Evident Label Kit: 00VM255

Firmware Versions

4.6.2