The Federal Information Processing Standard (FIPS) 140-2 is a U.S. and Canadian government standard that specifies security requirements for cryptographic modules. 

 

VMware has validated various cryptographic modules against the FIPS 140-2 standard.  The FIPS 140-2 standard specifies and validates the cryptographic and operational requirements for the modules within security systems that protect sensitive information.  These modules employ NIST-Approved security functions such as cryptographic algorithms, key sizes, key management and authentication techniques.

 

VMware FIPS 140-2 Validated Cryptographic Modules:

 

VMware's IKE Crypto Module (AKA SafeZone 1.1.0):

 

BC-FJA (Bouncy Castle FIPS Java API):

  • The Bouncy Castle FIPS Java API is a comprehensive suite of FIPS Approved algorithms implemented in pure Java. All key sizes and modes have been implemented to allow flexibility and efficiency, and additional algorithms are available in non-approved operation as well. The module is designed to integrate with the associated Bouncy Castle APIs including those for TLS, X.509, CMS, S/MIME, TSP, PKIX, and OpenPGP.
  • View Certificate #3152 (April 2019)
  • View Security Policy

 

VMware's Linux Cryptographic Module:

  • Powering IPsec encryption and integrity in NSX Edge and NSX Controller is the VMware's Linux Cryptographic Module. The Tunnel mode of the Encapsulating Security Payload (ESP) protocol performed by an IPsec Service kernel stack, such as NETKEY, utilizes the VMware's Linux Cryptographic Module to encrypt, decrypt, and perform integrity checks on data entering and exiting the NSX Edge virtual appliance.
  • View Certificate #3356 (February 2019)
  • View Security Policy

 

VMware BC-FJA (Bouncy Castle FIPS Java API):

  • The VMware BC-FJA (Bouncy Castle FIPS Java API) is a software cryptographic module that provides cryptographic functions and services to various VMware applications via a well-defined Java-language application programming interface (API).
  • View Certificate #3185 (May 2018)
  • View Security Policy

 

VMware VMkernel Cryptographic Module:

 

VMware Java JCE (Java Cryptographic Extension) Module:

  • The VMware Java JCE (Java Cryptographic Extension) Module is a software cryptographic module based on the Legion of the Bouncy Castle Inc. FIPS Java API (BC-FJA) Module (SW Version 1.0.0). The module is a software library that provides cryptographic functions to various VMware applications via a well-defined Java-language application program interface (API).
  • View Certificate #2866 [ March 2017 ]
  • View Security Policy

 

VMware OpenSSL FIPS Object Module:

 

VMware AirWatch 3rd Party Assessment and Attestation:

  • VMware AirWatch Mobile Device Management and Architecture products use FIPS 140-2 modules validated by a NIST accredited laboratory to ensure the proper usage of FIPS modules. These products included the core AirWatch MDM Architecture and the AirWatchApplication SDK.
  • View Assessment and Attestation Letter [ November 2016 ]    

 

VMware Horizon JCE (Java Cryptographic Extension) Module:

 

VMware Java JCE (Java Cryptographic Extension) Module:

 

VMware Kernel Cryptographic Module:

 

VMware NSS Cryptographic Module:

 

VMware Cryptographic Module:

 

PCoIP Cryptographic Module for VMware View™:

 

VMware ACE Cryptographic Engine:

  • The ACE Encryption Engine allows virtual machines to be encapsulated into files that can be saved, copied, and provisioned. VMware Software Cryptographic Implementation is the kernel implementation that enables the VMware ACE application to perform its cryptographic functions such as hashing, encryption, digital signing, etc.
  • View Certificate #859 [ November 2007 ]
  • View Security Policy

 

Sign up for Security Advisories

Enter your email address:




VMware Security Response Center

Stay informed about security issues and considerations for your virtual infrastructure.

Visit Security Response Center