FIPS 140-2 is a U.S. government cyber security standard used to approve
cryptographic modules and algorithms used for encryption. Three
Metasys component types have been updated at Release 11.0 and Release 12.0,
respectively, to include FIPS 140-2 certification or compliance; however, they
have been implemented differently as shown below:
- Network engines: FIPS 140-2 Level 1 compliance is included by default in all SNE, SNC, and NAE55xx-2/-3 series network engines that have Release 11.0 or later software and is an optional feature that can be purchased separately and added onto NAE85/LCS85 series network engines. FIPS 140-2 Level 1 compliance is certified for SNE and SNC series network engines.
- Metasys Application Servers (ADS, ADX, and OAS): FIPS 140-2 Level 1 compliance is an optional feature that can be purchased separately and added on to Metasys Server offerings from Release 11.0.
- CGE and CVE series equipment controllers: FIPS 140-2 Level 1 compliance is included by default in all CGE and CVE series equipment controllers at Release 12.0 that have 10.0 firmware.
In addition, FIPS 140-2 enhancements result in the following mixed site compatibility behaviors that need to be understood to prevent field misunderstanding and rework.
Communication behavior | Site Director type and FIPS 140-2 status | ||
---|---|---|---|
Network Engine at Release 12.0. FIPS 140-2 is included by default. | Metasys Server or NAE85/LCS85 at Release 12.0, and FIPS 140-2 is added. | Metasys Server at Release 12.0 or NAE85/LCS85, but FIPS 140-2 is not added. | |
Can communicate with child network engines at Release 10.1 or earlier (FIPS 140-2 not available) | No | No | Yes |
Can communicate with child network engines at Release 11.0 or 12.0 (FIPS 140-2 is default) | Yes | Yes | Yes |