Meeting strict regulatory guidelines
The US National Institute of Standards and Technology (NIST) publishes the FIPS (Federal Information Processing Standard) series of standards. FIPS 140-1 and FIPS 140-2 are both technical standards and worldwide de-facto standards for the implementation of cryptographic modules.
These standards and guidelines are issued by NIST for use government-wide. NIST develops FIPS when there are compelling Federal government requirements such as for security and interoperability and there are no acceptable industry standards or solutions. FIPS 140-2 is a standard specific to cryptographic implementations.
Assuring secure service availability
The Remote Site Gateway, Resilience Gateway, IM7200, and CM7100 families all use an embedded FIPS140-2 OpenSSL cryptographic module that has been validated to meet the FIPS 140-2 standards and has received Certificate #2473. When using SSH, HTTPS or SDTConnector to connect to any service on the console servers when they are running in FIPS mode, they will be utilizing the embedded FIPS compliant module. To connect you must also be using cryptographic algorithms that are FIPs approved or it will fail.
The OpenSSL project is a collaborative effort to develop a robust, commercial-grade, full-featured, and open source toolkit implementing the Secure Sockets Layer (SSL) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library.
The Open Source Software Institute (OSSI) is a non-profit organization dedicated to the promotion and implementation of open source solutions within U.S. federal, state and municipal government agencies and academic entities. As a part of its charter OSSI works with representatives of the U.S. government, IT industry and open source community to maintain and support open source projects such as OpenSSL.
Opengear partnered with OSSI and the OpenSSL project to sponsor an extension of the existing OpenSSL FIPS Object Module v1.2 validation to enable it to meet the FIPS 140-2 standards for ARM processors. Opengear has a long tradition of working with organizations and people in the open source community to help spread the use of open standards and OSS. This FIPS validated OpenSSL development is one example.
Opengear’s FIPS validated cryptographic modules secure in-band and out-of-band management and ensure that IT and network services are always available, improving efficiencies and maximizing uptime.