This page was not yet optimized for use on mobile
devices.
Virtual SmartZone (vSZ) WLAN Controller
Certificate #3772
Webpage information
Security policy
Symmetric Algorithms
AES, AES-256, DES, Triple-DES, TDEA, HMAC, HMAC-SHA-256, HMAC-SHA-512, HMAC-SHA-384, CMACAsymmetric Algorithms
RSA-2048, RSA 3072, RSA-3072, RSA-4096, ECDH, ECDSA, ECC, Diffie-Hellman, DH, DSAHash functions
SHA-1, SHA1, SHA-256, SHA-512, SHA-224, SHA-384, SHA384, MD5Schemes
Key Exchange, Key AgreementProtocols
SSH, SSHv2, TLSv1.2, TLS v1.2, TLS, IKEv2, IKE, IPsecRandomness
DRBGLibraries
OpenSSLElliptic Curves
P-224, P-384, P-256Block cipher modes
ECB, CBC, CTR, OFB, GCM, CCMTLS cipher suites
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256JavaCard API constants
ED25519Security level
Level 1Certification process
out of scope, Officer N/A 1 Invoking the Software Update service will result in a version of the product that is out of scope of this validation and therefore not validated. To remain in the validated configuration the, Service shall not be evoked. Updating the software will result in a version of the product that is out of scope and therefore not validated. 9. References Table 14: References Reference Specification [ANS X9.31Standards
FIPS 140-2, FIPS 197, FIPS 198-1, FIPS 180-4, FIPS 186-4, FIPS 186-2, FIPS 202, SP 800-38A, SP 800-38D, SP 800-133, SP 800-135, SP 800-56A, SP 800-90A, SP 800-38F, SP 800-52, SP 800-38B, SP 800-38C, PKCS1, PKCS#1, PKCS#5, PKCS#12, RFC 5647File metadata
| Creation date | D:20201028134116-07'00' |
|---|---|
| Modification date | D:20201028134134-07'00' |
| Pages | 24 |
| Creator | Acrobat PDFMaker 17 for Word |
| Producer | Adobe PDF Library 15.0 |
Heuristics
No heuristics are available for this certificate.
References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 3772,
"dgst": "31a7410194e66979",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"SHS#C814",
"CVL#C815",
"DSA#C815",
"AES#C814",
"HMAC#3400",
"SHS#4146",
"RSA#2760",
"DRBG#1904",
"KTS#5098",
"ECDSA#1323",
"HMAC#C814",
"AES#5098"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"-"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 1
},
"ECDH": {
"ECDH": 23
},
"ECDSA": {
"ECDSA": 17
}
},
"FF": {
"DH": {
"DH": 5,
"Diffie-Hellman": 1
},
"DSA": {
"DSA": 3
}
},
"RSA": {
"RSA 3072": 2,
"RSA-2048": 2,
"RSA-3072": 1,
"RSA-4096": 2
}
},
"certification_process": {
"OutOfScope": {
"Officer N/A 1 Invoking the Software Update service will result in a version of the product that is out of scope of this validation and therefore not validated. To remain in the validated configuration the": 1,
"Service shall not be evoked. Updating the software will result in a version of the product that is out of scope and therefore not validated. 9. References Table 14: References Reference Specification [ANS X9.31": 1,
"out of scope": 2
}
},
"cipher_mode": {
"CBC": {
"CBC": 7
},
"CCM": {
"CCM": 1
},
"CTR": {
"CTR": 4
},
"ECB": {
"ECB": 1
},
"GCM": {
"GCM": 7
},
"OFB": {
"OFB": 1
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {
"OpenSSL": {
"OpenSSL": 2
}
},
"crypto_protocol": {
"IKE": {
"IKE": 1,
"IKEv2": 4
},
"IPsec": {
"IPsec": 21
},
"SSH": {
"SSH": 24,
"SSHv2": 9
},
"TLS": {
"TLS": {
"TLS": 33,
"TLS v1.2": 8,
"TLSv1.2": 2
}
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 1
},
"KEX": {
"Key Exchange": 2
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"P-224": 2,
"P-256": 6,
"P-384": 10
}
},
"eval_facility": {},
"fips_cert_id": {},
"fips_certlike": {
"Certlike": {
"AES CBC 128/192/256": 1,
"AES-128": 1,
"AES-128/ 192/ 256": 1,
"AES-256": 1,
"HMAC SHA-256": 1,
"HMAC-SHA-1": 8,
"HMAC-SHA-1-96": 2,
"HMAC-SHA-256": 8,
"HMAC-SHA-384": 6,
"HMAC-SHA1": 4,
"HMAC-SHA256": 2,
"HMAC-SHA512 80": 2,
"PKCS#1": 2,
"PKCS#12": 2,
"PKCS#5": 2,
"PKCS1": 3,
"RSA 3072": 2,
"RSA PKCS1": 1,
"SHA-1": 2,
"SHA-1 / 224": 1,
"SHA-1, 224": 2,
"SHA-224": 1,
"SHA-256": 3,
"SHA-384": 4,
"SHA-512": 1,
"SHA1": 1,
"SHA384": 1
}
},
"fips_security_level": {
"Level": {
"Level 1": 3
}
},
"hash_function": {
"MD": {
"MD5": {
"MD5": 2
}
},
"SHA": {
"SHA1": {
"SHA-1": 5,
"SHA1": 1
},
"SHA2": {
"SHA-224": 2,
"SHA-256": 3,
"SHA-384": 4,
"SHA-512": 1,
"SHA384": 1
}
}
},
"ic_data_group": {},
"javacard_api_const": {
"curves": {
"ED25519": 1
}
},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 19
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-2": 6,
"FIPS 180-4": 3,
"FIPS 186-2": 1,
"FIPS 186-4": 3,
"FIPS 197": 3,
"FIPS 198-1": 3,
"FIPS 202": 1
},
"NIST": {
"SP 800-133": 1,
"SP 800-135": 7,
"SP 800-38A": 2,
"SP 800-38B": 1,
"SP 800-38C": 1,
"SP 800-38D": 2,
"SP 800-38F": 2,
"SP 800-52": 1,
"SP 800-56A": 2,
"SP 800-90A": 5
},
"PKCS": {
"PKCS#1": 1,
"PKCS#12": 1,
"PKCS#5": 1,
"PKCS1": 2
},
"RFC": {
"RFC 5647": 1
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 15,
"AES-256": 1
}
},
"DES": {
"3DES": {
"TDEA": 1,
"Triple-DES": 1
},
"DES": {
"DES": 2
}
},
"constructions": {
"MAC": {
"CMAC": 1,
"HMAC": 11,
"HMAC-SHA-256": 5,
"HMAC-SHA-384": 2,
"HMAC-SHA-512": 1
}
}
},
"tee_name": {},
"tls_cipher_suite": {
"TLS": {
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA256": 1,
"TLS_DHE_RSA_WITH_AES_256_CBC_SHA256": 1,
"TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256": 1,
"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256": 1,
"TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384": 1,
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384": 1
}
},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "",
"/Comments": "",
"/CreationDate": "D:20201028134116-07\u002700\u0027",
"/Creator": "Acrobat PDFMaker 17 for Word",
"/Keywords": "",
"/ModDate": "D:20201028134134-07\u002700\u0027",
"/Producer": "Adobe PDF Library 15.0",
"/SourceModified": "D:20201028202836",
"/Subject": "",
"/Title": "",
"pdf_file_size_bytes": 564503,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 24
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_json_hash": null,
"policy_pdf_hash": "9581502d3e8214df709e2befb33a53691739702238e6f2911db934ca828032ac",
"policy_txt_hash": "6ec24f7516cdf2a11eae3360381a3e298ac5e4fa7a594806325a1670a0b64bd2"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Sections 2 and 8 of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/December 2020_040121_1006_signed.pdf",
"date_sunset": null,
"description": "The Ruckus Virtual SmartZone (vSZ-E and vSZ-H hosted on a physical device) is an NFV-based WLAN controller for service providers and enterprises ready to elevate their WLAN deployment to the next level of flexibility, resiliency, and scale.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Roles, Services, and Authentication: Level 2",
"Physical Security: N/A",
"Mitigation of Other Attacks: N/A"
],
"fw_versions": null,
"historical_reason": "SP 800-56Arev3 transition",
"hw_versions": null,
"level": 1,
"mentioned_certs": {},
"module_name": "Virtual SmartZone (vSZ) WLAN Controller",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "historical",
"sw_versions": "5.1.1.3",
"tested_conf": [
"CentOS 6.8 on VMware ESXi v6.5.0 running on Dell PowerEdge R740 with Intel Xeon Platinum 8160 CPU with PAA",
"CentOS 6.8 on VMware ESXi v6.5.0 running on Dell PowerEdge R740 with Intel Xeon Platinum 8160 CPU without PAA (single-user mode)"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2020-12-16",
"lab": "UL Verification Services, Inc.",
"validation_type": "Initial"
}
],
"vendor": "Ruckus Wireless, Inc.",
"vendor_url": "http://www.ruckuswireless.com"
}
}