Module Name
Ruckus Networks Virtual SmartZone - Data Plane (vSZ-D)
Caveat
When operated in FIPS mode. When initialized and configured as specified in Section 8 of the Security Policy.
Security Level Exceptions
- Roles, Services, and Authentication: Level 2
- Physical Security: N/A
- Design Assurance: Level 2
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The Ruckus Virtual SmartZone-Dataplane (vSZ-D) offers organizations more flexibility in deploying the dataplane as needed in a Network Function Virtualization (NFV) architecture aligned fashion. It offers secure tunneling of user data traffic that encrypts payload traffic, maintains flat network topology, enables mobility across L2 subnets, and offers differentiated per site policy control and QoS amongst others.
Tested Configuration(s)
- CentOS 7.5 on VMware ESXi 6.5.0 running on Dell PowerEdge R620 with Intel Xeon E5-2650 v2 without AES-NI (single-user mode)
- CentOS 7.5 on VMware ESXi 6.5.0 running on Dell PowerEdge R620 with Intel XeonE5-2650 v2 with AES-NI
FIPS Algorithms
AES |
Cert. #C2085 |
CKG |
vendor affirmed |
CVL |
Cert. #C2085 |
DRBG |
Cert. #C2085 |
ECDSA |
Cert. #C2085 |
HMAC |
Cert. #C2085 |
KTS |
AES Cert. #C2085 and HMAC Cert. #C2085; key establishment methodology provides between 128 and 256 bits of encryption strength |
KTS |
AES Cert. #C2085; key establishment methodology provides 128 or 256 bits of encryption strength |
RSA |
Cert. #C2085 |
SHS |
Cert. #C2085 |
Allowed Algorithms
Diffie-Hellman (CVL Cert. #C2085, key agreement; key establishment methodology provides 112 or 128 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #C2085, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG
Software Versions
5.2.1.3