Module Name
NetApp CryptoMod
Historical Reason
Moved to historical list due to sunsetting
Caveat
When operated in FIPS mode
Security Level Exceptions
- Physical Security: N/A
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
NetApp CryptoMod will be integrated into NetApp ONTAP releases for the purpose of supporting FIPS 140-2 compliant data-at-rest encryption and key management.
Tested Configuration(s)
- ONTAP 9.4 running on AFF A800 system with Intel Xeon Platinum 8160 with PAA
- ONTAP 9.4 running on AFF A800 system with Intel Xeon Platinum 8160 without PAA
- ONTAP 9.4 running on FAS2750 system with Intel Xeon D-1557 with PAA
- ONTAP 9.4 running on FAS2750 system with Intel Xeon D-1557 without PAA (single-user mode)
Approved Algorithms
AES |
Cert. #5917 |
CKG |
vendor affirmed |
DRBG |
Cert. #2477 |
HMAC |
Cert. #3897 |
KTS |
AES Cert. #5917; key establishment methodology provides 256 bits of encryption strength |
PBKDF |
vendor affirmed |
SHS |
Cert. #4673 |