Module Name
Riverbed Cryptographic Security Module
Historical Reason
186-2 transition
Caveat
When installed, initialized and configured as specified in the Security Policy Section 4 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys
Security Level Exceptions
- Physical Security: N/A
- Mitigation of Other Attacks: N/A
Embodiment
Multi-chip standalone
Description
The Riverbed Cryptographic Security Module ("RCSM") provides the cryptographic functionality for a variety of Riverbed's platforms including Steelhead, SteelFusion and SteelCentral products. Using RCSM to provide FIPS compliance across Riverbed solutions, strengthens security and facilitates the product certification and accreditation processes, enabling hybrid enterprises to transform application performance into a competitive advantage by maximizing employee productivity and leveraging IT to create new forms of operational agility.
Tested Configuration(s)
- Granite OS 2.0 running on Riverbed Granite Core Appliance
- Granite OS 2.0 x86 on VMware ESXi 5.1 running on Dell PowerEdge R210II with AES-NI
- Granite OS 2.0 x86 on VMware ESXi 5.1 running on Dell PowerEdge R210II without AES-NI
- Interceptor OS 4.5 running on Riverbed Interceptor Appliance
- RiOS 8.0 x86 32-bit running on Riverbed Steelhead Appliance
- RiOS 8.0 x86 64-bit on VMware ESXi 5.1 running on Dell PowerEdge R210II with AES-NI
- RiOS 8.0 x86 64-bit on VMware ESXi 5.1 running on Dell PowerEdge R210II without AES-NI
- RiOS 8.0 x86 64-bit running on Riverbed Steelhead Appliance
- RiOS 8.0 x86 64-bit running on Riverbed Steelhead Appliance with AES-NI
- RiOS 8.6 32-bit running on Riverbed Steelhead Appliance
- RiOS 8.6 64-bit on Vmware ESXi 5.1 running on Dell PowerEdge R210II with AES-NI
- RiOS 8.6 64-bit on Vmware ESXi 5.1 running on Dell PowerEdge R210II without AES-NI
- RiOS 8.6 64-bit running on Riverbed Steelhead Appliance
- RiOS 8.6 64-bit running on Riverbed Steelhead Appliance with AES-NI
- RiOS 9.2 x86 64-bit on KVM 1.0 running on Dell PowerEdge R320 with PAA
- RiOS 9.2 x86 64-bit on KVM 1.0 running on Dell PowerEdge R320 without PAA
- RiOS 9.2 x86 64-bit running on Riverbed Steelhead Appliance with PAA
- RiOS 9.2 x86 64-bit running on Riverbed Steelhead Appliance without PAA
- RiOS 9.2 x86 on VMware ESXi 5.5 running on Dell PowerEdge R320 with PAA
- RiOS 9.2 x86 on VMware ESXi 5.5 running on Dell PowerEdge R320 without PAA
- Riverbed License Manager 1.0 on VMware ESXi 5.5 running on Dell PowerEdge R320 with PAA
- Riverbed License Manager 1.0 on VMware ESXi 5.5 running on Dell PowerEdge R320 without PAA
- Riverbed SteelCentral AppResponse 11.2 64bit on VMware ESXi 5.5 running on Dell PowerEdge R320 with PAA
- Riverbed SteelCentral AppResponse 11.2 64bit on VMware ESXi 5.5 running on Dell PowerEdge R320 without PAA
- Riverbed SteelCentral AppResponse 11.2 running on Riverbed appliance with PAA
- Riverbed SteelCentral AppResponse 11.2 running on Riverbed appliance without PAA (single-user mode)
- SteelCentral Controller for SteelHead Mobile 5.0 on VMware ESXi 5.5 running on Dell PowerEdge R320 with PAA
- SteelCentral Controller for SteelHead Mobile 5.0 on VMware ESXi 5.5 running on Dell PowerEdge R320 without PAA
- SteelCentral Controller for SteelHead Mobile 5.0 running on SMC appliance with PAA
- SteelCentral Controller for SteelHead Mobile 5.0 running on SMC appliance without PAA
- SteelFusion 4.3 on VMware ESXi 5.5 running on Dell PowerEdge R320 with PAA
- SteelFusion 4.3 on VMware ESXi 5.5 running on Dell PowerEdge R320 without PAA
- SteelFusion 4.3 running on Riverbed SteelFusion appliance with PAA
- SteelFusion 4.3 running on Riverbed SteelFusion appliance without PAA
- Steelhead Mobile Controller 4.6 on Vmware ESXi 5.1 running on Dell PowerEdge R210II with AES-NI
- Steelhead Mobile Controller 4.6 on Vmware ESXi 5.1 running on Dell PowerEdge R210II without AES-NI
- Steelhead Mobile Controller 4.6 running on SMC with AES NI
- Steelhead Mobile Controller 4.6 running on SMC without AES-NI
- Stingray Traffic Manager Virtual Appliance x86 on VMware ESXi 5.1 running on Dell PowerEdge R210II with AES-NI
- Stingray Traffic Manager Virtual Appliance x86 on VMware ESXi 5.1 running on Dell PowerEdge R210II without AES-NI
- Whitewater OS 3.0 on VMware ESXi 5.1 running on Dell PowerEdge R210II with AES-NI
- Whitewater OS 3.0 on VMware ESXi 5.1 running on Dell PowerEdge R210II without AES-NI
- Whitewater OS 3.0 running on Whitewater Appliance with AES-NI
- Whitewater OS 3.0 running on Whitewater Appliance without AES-NI
Other Algorithms
RSA (encrypt/decrypt); EC Diffie-Hellman; PRNG; DRBG (non-compliant)