|Uplogix provides solutions for federal networks with products that are FIPS-140-2 compliant and in-process with NIST.|
There are four security levels defined in FIPS 140-2:
- Level 1 | The lowest security level, has basic requirements for a cryptographic module.
- Level 2 | Adds physical security requirements to Level 1 to show evidence of tampering and discourage unauthorized physical access to critical security parameters (CSPs) within the cryptographic module.
- Level 3 | This level goes being discouraging unauthorized physical access to include strong enclosures and tamper detection/response circuitry that erases data within CSPs when the module is opened.
- Level 4 | Designed for physically unprotected environments, requirements at this level provide a complete envelope of protection to detect and respond to unauthorized attempts at phyical access, including environmental changes or attacks designed to thwart the cryptographic module's defenses.
With the RMOS v4.3 release, Uplogix meets the requirements for FIPS 140-2 Level 2 certification from NIST. The enhancements made in the release to the already-significant security features in RMOS meet or exceed government standards for the protection of data and information captured and stored by Uplogix appliances.
Additional improvements to the physical appliance itself include tamper-evident seals and visual obstructions.
FIPS 140-2 compliance is not very common in the network management space. The stringent security features of the Uplogix platform simplified the enhancements required for FIPS 140-2 Level 2 final certification, which is expected in the coming months.