Module Name
NetApp CryptoMod
Caveat
Interim validation. When installed, initialized and configured as specified in section 11 of the Security Policy
Security Level Exceptions
- Physical security: N/A
- Mitigation of other attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
NetApp CryptoMod is a software cryptographic module whose purpose is to provide encryption/decryption services for NetApp’s ONTAP Operating System (OS) kernel. The CryptoMod module makes use of the AES-NI instruction set in Intel processors. Since CryptoMod can support non-PAA implementations as well as PAA implementations of the pertinent cryptographic algorithms, CryptoMod is designated as a software-only cryptographic module.
Tested Configuration(s)
- ONTAP 9.11.1 running on AFF A250 system with an Intel Xeon D-2164IT with PAA
- ONTAP 9.11.1 running on AFF A250 system with an Intel Xeon D-2164IT without PAA
- ONTAP 9.11.1 running on AFF A400 system with an Intel Xeon Silver 4210 with PAA
- ONTAP 9.11.1 running on AFF A400 system with an Intel Xeon Silver 4210 without PAA
- ONTAP 9.11.1 running on AFF A900 system with an Intel Xeon Platinum 8352Y with PAA
- ONTAP 9.11.1 running on AFF A900 system with an Intel Xeon Platinum 8352Y without PAA
Approved Algorithms
AES-XTS Testing Revision 2.0
