FIPS140 Enterprise Grade-Security

Meeting strict regulatory guidelines

The Federal Information Processing Standards (FIPS) Publication 140-2 is a set of security standards established by the National Institute of Standards and Technology (NIST) for cryptographic modules. The purpose of FIPS 140-2 is to ensure the security and integrity of sensitive information handled by cryptographic systems. This standard provides a framework for the evaluation and validation of cryptographic modules used by federal agencies and regulated industries to protect sensitive data.

FIPS 140-2 defines four security levels (Level 1 through Level 4), each specifying increasingly stringent requirements for the design and implementation of cryptographic modules. Modules that comply with FIPS 140-2 have undergone a thorough evaluation process, including technical testing and formal validation, to confirm their security features and adherence to the specified standards.

Assuring secure service availability

OM2200, OM1200, and CM8100 product families are complying with FIPS 140-2 (level1) by utilizing OpenSSL 3.x cryptographic module that has been validated to meet the FIPS 140-2 standards and has received Certificate #4282.

Opengear have followed the implementation guidelines in accordance with OpenSSL FIPS 140-2 security policy https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp4282.pdf.

OpenSSL is an open-source implementation of the SSL/TLS and general-purpose cryptography library. OpenSSL provides a robust and widely adopted foundation for secure communication and data protection. The library supports a range of cryptographic algorithms and protocols, making it a versatile and reliable choice for FIPS-compliant solutions.

For further notes on FIPS implementation and configuration, refer to the user manual at https://resources.opengear.com