Module Name
NetApp Cryptographic Security Module
Validation Dates
05/27/2016;06/10/2016;10/29/2019;02/10/2021
Caveat
When operated in FIPS mode. No assurance of the minimum strength of generated keys.
Security Level Exceptions
- Physical Security: N/A
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The NetApp Cryptographic Security Module is a software library that provides cryptographic services to a vast array of NetApp's storage and networking products.
Tested Configuration(s)
- Debian Linux 8 running on Fujitsu RX200S5 Server with Intel Xeon E5-2609V4 (Broadwell) with PAA
- Debian Linux 8 running on Fujitsu RX300-S6 Server with Intel Xeon E5645 (Westmere EP) without PAA
- FreeBSD 9.1 running on Fujitsu RX200S5 Server with Intel Xeon E5-2609V4 (Broadwell) with PAA
- FreeBSD 9.1 running on Fujitsu RX300-S6 Server with Intel Xeon E5645 (Westmere EP) without PAA
- ONTAP 9.7P6 running on FAS2650 with Intel Xeon D-1528 with PAA
- ONTAP 9.7P6 running on FAS2650 with Intel Xeon D-1528 without PAA
- ONTAP 9.7P6 running on NetApp AFF A800 with Intel Xeon Platinum 8160 with PAA
- ONTAP 9.7P6 running on NetApp AFF A800 with Intel Xeon Platinum 8160 without PAA
- ONTAP 9.7P6 running on NetApp FAS8300 with Intel Xeon Silver 4210 with PAA
- ONTAP 9.7P6 running on NetApp FAS8300 with Intel Xeon Silver 4210 without PAA
- ONTAP 9.7P6 running on NetApp FAS9000 with Intel Xeon E5-2697 with PAA
- ONTAP 9.7P6 running on NetApp FAS9000 with Intel Xeon E5-2697 without PAA (single-user mode)
- Scientific Linux 6.1 running on Fujitsu RX200S5 Server with Intel Xeon E5-2609V4 (Broadwell) with PAA
- Scientific Linux 6.1 running on Fujitsu RX300-S6 Server with Intel Xeon E5645 (Westmere EP) without PAA
- SUSE Linux 11 running on Fujitsu RX200S5 Server with Intel Xeon E5-2609V4 (Broadwell) with PAA
- SUSE Linux 11 running on Fujitsu RX300-S6 Server with Intel Xeon E5645 (Westmere EP) without PAA
Other Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); EC Diffie-Hellman (CVL Certs. #615 and #A950, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 128 bits of encryption strength)