The Federal Information Processing Standard (FIPS) 140-2 is a U.S. and Canadian government standard that specifies security requirements for cryptographic modules. 

 

VMware has validated various cryptographic modules against the FIPS 140-2 standard.  The FIPS 140-2 standard specifies and validates the cryptographic and operational requirements for the modules within security systems that protect sensitive information.  These modules employ NIST-Approved security functions such as cryptographic algorithms, key sizes, key management and authentication techniques.

 

VMware FIPS 140-2 Validated Cryptographic Modules:

 

VMware VMkernel Cryptographic Module:

  •  Status: [ In progress ]

 

VMware Java JCE (Java Cryptographic Extension) Module

  • The VMware Java JCE (Java Cryptographic Extension) Module is a software cryptographic module based on the Legion of the Bouncy Castle Inc. FIPS Java API (BC-FJA) Module (SW Version 1.0.0). The module is a software library that provides cryptographic functions to various VMware applications via a well-defined Java-language application program interface (API).
  • View Certificate #2866 [ March 2017 ]
  • View Security Policy

 

VMware OpenSSL FIPS Object Module:

 

VMware AirWatch 3rd Party Assessment and Attestation:

  • VMware AirWatch Mobile Device Management and Architecture products use FIPS 140-2 modules validated by a NIST accredited laboratory to ensure the proper usage of FIPS modules. These products included the core AirWatch MDM Architecture and the AirWatchApplication SDK.
  • View Assessment and Attestation Letter [ November 2016 ]    

 

VMware Horizon JCE (Java Cryptographic Extension) Module:

 

VMware Java JCE (Java Cryptographic Extension) Module:

 

VMware Kernel Cryptographic Module:

 

VMware NSS Cryptographic Module:

 

VMware Cryptographic Module:

 

PCoIP Cryptographic Module for VMware View™:

 

VMware ACE Cryptographic Engine:

  • The ACE Encryption Engine allows virtual machines to be encapsulated into files that can be saved, copied, and provisioned. VMware Software Cryptographic Implementation is the kernel implementation that enables the VMware ACE application to perform its cryptographic functions such as hashing, encryption, digital signing, etc.
  • View Certificate #859 [ November 2007 ]
  • View Security Policy

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Sign up for Security Advisories

Enter your email address:




VMware Security Response Center

Stay informed about security issues and considerations for your virtual infrastructure.

Visit Security Response Center