Ruckus Networks Virtual SmartZone - Data Plane (vSZ-D)

Certificate #4567

Webpage information ?

Status active
Validation dates 30.08.2023
Sunset date 21-09-2026
Standard FIPS 140-2
Security level 1
Type Software
Embodiment Multi-Chip Stand Alone
Caveat When operated in FIPS mode. When initialized and configured as specified in Section 8 of the Security Policy.
Exceptions
  • Roles, Services, and Authentication: Level 2
  • Physical Security: N/A
  • Design Assurance: Level 2
  • Mitigation of Other Attacks: N/A
Description The Ruckus Virtual SmartZone-Dataplane (vSZ-D) offers organizations more flexibility in deploying the dataplane as needed in a Network Function Virtualization (NFV) architecture aligned fashion. It offers secure tunneling of user data traffic that encrypts payload traffic, maintains flat network topology, enables mobility across L2 subnets, and offers differentiated per site policy control and QoS amongst others.
Tested configurations
  • CentOS 7.5 on VMware ESXi 6.5.0 running on Dell PowerEdge R620 with Intel Xeon E5-2650 v2 without AES-NI (single-user mode)
  • CentOS 7.5 on VMware ESXi 6.5.0 running on Dell PowerEdge R620 with Intel XeonE5-2650 v2 with AES-NI
Vendor CommScope Technologies LLC
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.

Security policy ?

Symmetric Algorithms
AES, AES-256, AES-, DES, TDES, TDEA, HMAC, CMAC
Asymmetric Algorithms
RSA 4096, RSA 3072, ECDH, ECDSA, ECC, Diffie-Hellman, DH, DSA
Hash functions
SHA1, SHA-256, SHA-512, SHA-384, SHA-3, MD5
Schemes
Key Agreement
Protocols
SSH, TLSv1.2, TLS, IKEv2, IPsec
Randomness
DRBG
Libraries
OpenSSL
Elliptic Curves
P-256, P-384, P-521
Block cipher modes
CBC, CTR, GCM, CCM

JavaCard API constants
ED25519
Trusted Execution Environments
SSC

Security level
Level 1

Standards
FIPS 140-2, FIPS 197, FIPS 186-4, FIPS 198-1, FIPS 186-2, FIPS 180-4, FIPS 202, SP 800-38A, SP 800-38D, SP 800-135, SP 800-90A, SP 800-38F, SP 800-52, SP 800-38B, SP 800-38C, SP 800-56A, SP 800-56B, SP 800-56C, SP 800-89, SP 800-108, SP 800-132, PKCS#1, PKCS#5, PKCS#12, RFC 5288, RFC 5647

File metadata

Creation date D:20230516172729-04'00'
Modification date D:20230516172729-04'00'
Pages 17
Creator Microsoft® Word 2016
Producer Microsoft® Word 2016

Heuristics ?

No heuristics are available for this certificate.

References ?

No references are available for this certificate.

Updates ?

  • 18.09.2023 The certificate was first processed.
    New certificate

    A new FIPS 140 certificate with the product name was processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4567,
  "dgst": "db2e7f1bd5ab9968",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "DRBG#C2085",
        "KAS#C2085",
        "CVL#C2085",
        "KAS#A2458",
        "SHS#C2085",
        "KAS-SSC#A2458",
        "HMAC#C2085",
        "RSA#C2085",
        "ECDSA#C2085",
        "AES#C2085",
        "KTS#C2085"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "-"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 1
          },
          "ECDH": {
            "ECDH": 13
          },
          "ECDSA": {
            "ECDSA": 5
          }
        },
        "FF": {
          "DH": {
            "DH": 3,
            "Diffie-Hellman": 3
          },
          "DSA": {
            "DSA": 1
          }
        },
        "RSA": {
          "RSA 3072": 2,
          "RSA 4096": 3
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 2
        },
        "CCM": {
          "CCM": 1
        },
        "CTR": {
          "CTR": 3
        },
        "GCM": {
          "GCM": 10
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {
        "OpenSSL": {
          "OpenSSL": 1
        }
      },
      "crypto_protocol": {
        "IKE": {
          "IKEv2": 23
        },
        "IPsec": {
          "IPsec": 11
        },
        "SSH": {
          "SSH": 6
        },
        "TLS": {
          "TLS": {
            "TLS": 24,
            "TLSv1.2": 20
          }
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 1
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "P-256": 4,
          "P-384": 14,
          "P-521": 8
        }
      },
      "eval_facility": {},
      "fips_cert_id": {
        "Cert": {
          "#1": 1
        }
      },
      "fips_certlike": {
        "Certlike": {
          "AES (128": 1,
          "AES 128/256": 1,
          "AES-256": 6,
          "AES-CBC 128/192/256": 2,
          "AES-GCM (128": 1,
          "HMAC-SHA1": 4,
          "HMAC-SHA256": 6,
          "HMAC-SHA384": 2,
          "HMAC-SHA512 160": 2,
          "HMAC-SHA512 256": 4,
          "PKCS#1": 2,
          "PKCS#12": 2,
          "PKCS#5": 2,
          "RSA 3072": 2,
          "RSA 4096": 3,
          "SHA-3": 1,
          "SHA-384": 3,
          "SHA1": 1
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 4
        }
      },
      "hash_function": {
        "MD": {
          "MD5": {
            "MD5": 1
          }
        },
        "SHA": {
          "SHA1": {
            "SHA1": 1
          },
          "SHA2": {
            "SHA-256": 1,
            "SHA-384": 2,
            "SHA-512": 1
          },
          "SHA3": {
            "SHA-3": 1
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {
        "curves": {
          "ED25519": 1
        }
      },
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 30
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140-2": 13,
          "FIPS 180-4": 2,
          "FIPS 186-2": 7,
          "FIPS 186-4": 9,
          "FIPS 197": 2,
          "FIPS 198-1": 2,
          "FIPS 202": 1
        },
        "NIST": {
          "SP 800-108": 1,
          "SP 800-132": 1,
          "SP 800-135": 2,
          "SP 800-38A": 2,
          "SP 800-38B": 1,
          "SP 800-38C": 1,
          "SP 800-38D": 2,
          "SP 800-38F": 3,
          "SP 800-52": 1,
          "SP 800-56A": 1,
          "SP 800-56B": 1,
          "SP 800-56C": 1,
          "SP 800-89": 1,
          "SP 800-90A": 6
        },
        "PKCS": {
          "PKCS#1": 1,
          "PKCS#12": 1,
          "PKCS#5": 1
        },
        "RFC": {
          "RFC 5288": 1,
          "RFC 5647": 2
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 7,
            "AES-": 2,
            "AES-256": 6
          }
        },
        "DES": {
          "3DES": {
            "TDEA": 1,
            "TDES": 1
          },
          "DES": {
            "DES": 1
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 1,
            "HMAC": 4
          }
        }
      },
      "tee_name": {
        "IBM": {
          "SSC": 6
        }
      },
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "policy_metadata": {
      "/CreationDate": "D:20230516172729-04\u002700\u0027",
      "/Creator": "Microsoft\u00ae Word 2016",
      "/ModDate": "D:20230516172729-04\u002700\u0027",
      "/Producer": "Microsoft\u00ae Word 2016",
      "pdf_file_size_bytes": 551890,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "https://support.ruckuswireless.com/software?format=coveo#q=virtual%20smartzone%205.2.1.3\u0026layout=table",
          "https://support.ruckuswireless.com/documents/3509"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 17
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_garbage": false,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_pdf_hash": "790fb0867b063f66e129c6d982aa96a158f75b006649849aa076176e58c0c72d",
    "policy_txt_hash": "d60b7b6954360f64413842719bcfb3921a1f57e402723976086bbc589045e39d"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in FIPS mode. When initialized and configured as specified in Section 8 of the Security Policy.",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/August 2023_010923_0844.pdf",
    "date_sunset": "2026-09-21",
    "description": "The Ruckus Virtual SmartZone-Dataplane (vSZ-D) offers organizations more flexibility in deploying the dataplane as needed in a Network Function Virtualization (NFV) architecture aligned fashion. It offers secure tunneling of user data traffic that encrypts payload traffic, maintains flat network topology, enables mobility across L2 subnets, and offers differentiated per site policy control and QoS amongst others.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Roles, Services, and Authentication: Level 2",
      "Physical Security: N/A",
      "Design Assurance: Level 2",
      "Mitigation of Other Attacks: N/A"
    ],
    "fw_versions": null,
    "historical_reason": null,
    "hw_versions": null,
    "level": 1,
    "mentioned_certs": {},
    "module_name": "Ruckus Networks Virtual SmartZone - Data Plane (vSZ-D)",
    "module_type": "Software",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "active",
    "sw_versions": "5.2.1.3",
    "tested_conf": [
      "CentOS 7.5 on VMware ESXi 6.5.0 running on Dell PowerEdge R620 with Intel Xeon E5-2650 v2 without AES-NI (single-user mode)",
      "CentOS 7.5 on VMware ESXi 6.5.0 running on Dell PowerEdge R620 with Intel XeonE5-2650 v2 with AES-NI"
    ],
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2023-08-30",
        "lab": "GOSSAMER SECURITY SOLUTIONS INC",
        "validation_type": "Initial"
      }
    ],
    "vendor": "CommScope Technologies LLC",
    "vendor_url": "http://www.commscope.com/ruckus"
  }
}