Module Name
IBM Security XGS 3100, XGS 4100, XGS 5100, and XGS 7100
Validation Dates
02/19/2016;12/20/2016
Caveat
When installed, initialized and configured as specified in the Security Policy Section 3. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The Network Intrusion Prevention System (IPS) automatically blocks malicious attacks while preserving network bandwidth and availability. The appliances are purpose-built, Layer 2 network security appliances that you can deploy either at the gateway or the network to block intrusion attempts, denial of service (DoS) attacks, malicious code, backdoors, spyware, peer-to-peer applications, and a growing list of threats without requiring extensive network reconfiguration. The XGS 3100, XGS 4100, XGS 5100, and XGS 7100 can be securely managed via SiteProtector, which is a central management console
FIPS Algorithms
| AES |
Certs. #3280, #3282, #3283, #3284, #3307, #3308, #3309 and #3310 |
| CVL |
Certs. #463, #465, #466 and #467 |
| DRBG |
Certs. #738, #740, #741, #742, #756, #757, #758 and #759 |
| DSA |
Certs. #937, #939, #940 and #941 |
| ECDSA |
Certs. #633, #635, #636, #637, #640, #641, #642 and #643 |
| HMAC |
Certs. #2077, #2079, #2080, #2081, #2099, #2100, #2101 and #2102 |
| RSA |
Certs. #1677, #1679, #1680, #1681, #1691, #1692, #1693 and #1694 |
| SHS |
Certs. #2718, #2720, #2721, #2722, #2740, #2741, #2742 and #2743 |
| Triple-DES |
Certs. #1867, #1869, #1870, #1871, #1883, #1884, #1885 and #1886 |
Other Algorithms
RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides 112 or 128 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG
Hardware Versions
XGS 3100, XGS 4100, XGS 5100 and XGS 7100; FIPS-LABELS: FIPS 140 tamper evidence labels P/N 00VM255
Firmware Versions
5.3.1 and 5.3.3
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
