U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #2533


Module Name
Brocade(R) MLXe(R) NetIron(R) Ethernet Routers
FIPS 140-2
 Historical Reason
Moved to historical list due to sunsetting
Overall Level
When operated in FIPS mode with the tamper evident labels installed as specified in Annex A and configured as specified in Tables 8, 12 and 16 of the Security Policy
Security Level Exceptions
  • Design Assurance: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Multi-Chip Stand Alone
Brocade MLXe Series routers feature industry-leading 100 Gigabit Ethernet (GbE), 10 GbE, and 1 GbE wire-speed density; rich IPv4, IPv6, Multi-VRF, MPLS, and Carrier Ethernet capabilities without compromising performance; and advanced Layer 2 switching. This release introduces a new interface card BR-MLX-10GX4-IPSEC-M, which has built-in capability to negotiate IKEv2 sessions and establish IPSec tunnels to allow Virtual Private Networks to be created within the network. In addition, BR-MLX-10GX4-IPSEC-M has PHY level support for MACSec protocol.
Tested Configuration(s)
  • N/A
Approved Algorithms
AES Certs. #1648, #2154, #2717, #2946, #3030 and #3144
CVL Certs. #175, #393, #404, #437 and #1050
DRBG Certs. #454 and #684
ECDSA Certs. #546 and #593
HMAC Certs. #1696 and #2883
KBKDF Cert. #35
KTS AES Cert. #2946, key wrapping; key establishment methodology provides 112 bits of encryption strength
KTS AES Cert. #2717 and HMAC Cert. #1696; key establishment methodology provides 112 bits of encryption strength
RSA Cert. #1413
SHS Certs. #934 and #2282
Other Algorithms
RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength); NDRNG; HMAC-SHA1-96; HMAC-MD5; MD5; DES; Triple-DES (non-compliant); EC Diffie-Hellman (CVL Certs. #437 and #1050, key agreement; key establishment methodology provides between 128 or 192 bits of encryption strength)
Hardware Versions
{[BR-MLXE-4-MR2-M-AC (80-1006870-01), BR-MLXE-4-MR2-M-DC (80-1006872-01), BR-MLXE-8-MR2-M-AC (80-1007225-01), BR-MLXE-8-MR2-M-DC (80-1007226-01), BR-MLXE-16-MR2-M-AC (80-1006827-02), BR-MLXE-16-MR2-M-DC (80-1006828-02), BR-MLXE-4-MR2-X-AC (80-1006874-03), BR-MLXE-4-MR2-X-DC (80-1006875-03), BR-MLXE-8-MR2-X-AC (80-1007227-03), BR-MLXE-8-MR2-X-DC (80-1007228-03), BR-MLXE-16-MR2-X-AC (80-1006829-04), BR-MLXE-16-MR2-X-DC (80-1006834-04)] with Component P/Ns 80-1005643-01, 80-1003891-02, 80-1002983-01, 80-1003971-01, 80-1003972-01, 80-1003811-02, 80-1002756-03, 80-1004114-01, 80-1004113-01, 80-1004112-01, 80-1004760-02, 80-1006511-02, 80-1004757-02, 80-1003009-01, 80-1003052-01, 80-1003053-01, 80-1005644-03, 80-1007878-02, 80-1007911-02, 80-1007879-02} with FIPS Kit XBR-000195
Firmware Versions
Multi-Service IronWare R05.8.00a


Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134

Chris Marks
Phone: 408-333-0840
Fax: 408-333-8101

Validation History

Date Type Lab
1/12/2016 Initial ÆGISOLVE
5/23/2017 Update ÆGISOLVE