Module Name
VMware's Linux Cryptographic Module
Validation Dates
02/02/2019
Caveat
When operated in FIPS mode with module VMware OpenSSL FIPS Object Module validated to FIPS 140-2 under Cert. #2839 operating in FIPS mode
Security Level Exceptions
- Physical Security: N/A
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
Powering IPsec encryption and integrity in NSX Edge and NSX Controller is the VMware's Linux Cryptographic Module. The Tunnel mode of the Encapsulating Security Payload (ESP) protocol performed by an IPsec Service kernel stack, such as NETKEY, utilizes the VMware's Linux Cryptographic Module to encrypt, decrypt, and perform integrity checks on data entering and exiting the NSX Edge virtual appliance.
Tested Configuration(s)
- NSX Controller 6.3.0 OS (AKA NSX Controller 12.04 OS) on ESXi 6.0 running on a Dell PowerEdge T620 with Intel Xeon E5-2440 with PAA
- NSX Controller 6.3.0 OS (AKA NSX Controller 12.04 OS) on ESXi 6.0 running on a Dell PowerEdge T620 with Intel Xeon E5-2440 without PAA
- NSX Edge 6.3.0 OS (AKA NSX Edge 3.14 OS) on ESXi 6.0 running on a Dell PowerEdge T620 with Intel Xeon E5-2440 with PAA
- NSX Edge 6.3.0 OS (AKA NSX Edge 3.14 OS) on ESXi 6.0 running on a Dell PowerEdge T620 with Intel Xeon E5-2440 without PAA
- NSX OS 4.4 (AKA BLUX 4.4) on ESXi 6.0 running on a Dell PowerEdge T620 with Intel Xeon E5-2440 with PAA
- NSX OS 4.4 (AKA BLUX 4.4) on ESXi 6.0 running on a Dell PowerEdge T620 with Intel Xeon E5-2440 without PAA
- PhotonOS 1.0 on ESXi 6.0 running on a Dell PowerEdge T620 with Intel Xeon E5-2440 with PAA
- PhotonOS 1.0 on ESXi 6.0 running on a Dell PowerEdge T620 with Intel Xeon E5-2440 without PAA
- PhotonOS 2.0 on ESXi 6.0 running on a Dell PowerEdge T620 with Intel Xeon E5-2440 with PAA
- PhotonOS 2.0 on ESXi 6.0 running on a Dell PowerEdge T620 with Intel Xeon E5-2440 without PAA (single-user mode)