Cryptographic Module Validation Program CMVP

Certificate #3356

Details

Module Name
VMware's Linux Cryptographic Module
Standard
FIPS 140-2
Status
Active
Sunset Date
2/1/2024
Validation Dates
02/02/2019
Overall Level
1
Caveat
When operated in FIPS mode with module VMware OpenSSL FIPS Object Module validated to FIPS 140-2 under Cert. #2839 operating in FIPS mode
Security Level Exceptions
  • Physical Security: N/A
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
Powering IPsec encryption and integrity in NSX Edge and NSX Controller is the VMware's Linux Cryptographic Module. The Tunnel mode of the Encapsulating Security Payload (ESP) protocol performed by an IPsec Service kernel stack, such as NETKEY, utilizes the VMware's Linux Cryptographic Module to encrypt, decrypt, and perform integrity checks on data entering and exiting the NSX Edge virtual appliance.
Tested Configuration(s)
  • NSX Controller 6.3.0 OS (AKA NSX Controller 12.04 OS) on ESXi 6.0 running on a Dell PowerEdge T620 with Intel Xeon E5-2440 with PAA
  • NSX Controller 6.3.0 OS (AKA NSX Controller 12.04 OS) on ESXi 6.0 running on a Dell PowerEdge T620 with Intel Xeon E5-2440 without PAA
  • NSX Edge 6.3.0 OS (AKA NSX Edge 3.14 OS) on ESXi 6.0 running on a Dell PowerEdge T620 with Intel Xeon E5-2440 with PAA
  • NSX Edge 6.3.0 OS (AKA NSX Edge 3.14 OS) on ESXi 6.0 running on a Dell PowerEdge T620 with Intel Xeon E5-2440 without PAA
  • NSX OS 4.4 (AKA BLUX 4.4) on ESXi 6.0 running on a Dell PowerEdge T620 with Intel Xeon E5-2440 with PAA
  • NSX OS 4.4 (AKA BLUX 4.4) on ESXi 6.0 running on a Dell PowerEdge T620 with Intel Xeon E5-2440 without PAA
  • PhotonOS 1.0 on ESXi 6.0 running on a Dell PowerEdge T620 with Intel Xeon E5-2440 with PAA
  • PhotonOS 1.0 on ESXi 6.0 running on a Dell PowerEdge T620 with Intel Xeon E5-2440 without PAA
  • PhotonOS 2.0 on ESXi 6.0 running on a Dell PowerEdge T620 with Intel Xeon E5-2440 with PAA
  • PhotonOS 2.0 on ESXi 6.0 running on a Dell PowerEdge T620 with Intel Xeon E5-2440 without PAA (single-user mode)
FIPS Algorithms
AES Cert. #4133
HMAC Certs. #2705 and #2710
SHS Cert. #3402
Allowed Algorithms
N/A
Software Versions
2.0

Vendor

VMware, Inc.
3401 Hillview Ave
Palo Alto, CA 94304
USA

Manoj Maskara
mmaskara@vmware.com
Phone: 650-427-1000
Fax: 650-475-5001

Lab

CGI ITSETF
NVLAP Code: 200928-0