 |
||
 |
||
Foundry Enhances Security with FIPS CapabilityServerIron® 4G-SSL-FIPS switch features strong encryption, authentication, and key management capabilities for security-sensitive industries. Security breaches are a growing problem for all companies, but government agencies, healthcare, financial services, and other markets that deal with sensitive information are facing greater risk from increasingly sophisticated attacks. Susceptible data includes patient health records, credit card and banking information, and sensitive government data. In addition to the financial losses that companies can suffer as a result of a security breach, failures in enterprise security measures can affect employee productivity, customer and partner confidence, and even put companies at risk of being out of compliance with the regulations that govern them. To counter potential attacks on their networks, the U.S. federal government created the Federal Information Processing Standards (FIPS) that define document processing, standard algorithms for searching, and other information processing standards for use within government agencies. FIPS encompasses many different standards, including computer data authentication, electronic data interchange, digital signature standard, advanced encryption standard, and more. While FIPS was created by the U.S. federal government, its use extends out to non-government sectors where privacy requirements for data are mandated by various regulations such as Sarbanes-Oxley, the Health Insurance Portability and Accountability Act (HIPAA), and the Gramm-Leach-Bliley Act. Better Data Protection with Hardened Security The new ServerIron 4G-SSL-FIPS platform includes FIPS 140-2 level 2 certified Secure Sockets Layer (SSL) encryption capabilities, which give the product physical tamper evidence, role- and identity-based authentication, and sophisticated key management for encrypting Internet traffic. "Many organizations have mandates and regulations in terms of privacy of information," says Gary Hemminger, director of product marketing for Layer 4-7 Application Delivery Controller Products at Foundry. "When you're doing SSL encryption, you don't want those keys to be stolen or compromised." Foundry has moved the encryption engine and keys into a small, thin module that's integrated into the ServerIron 4G-SSL-FIPS application delivery switch. The FIPS Publication 140-2 standard specifies using this type of cryptographic module within a system to protect unclassified information within computer and telecommunications. The FIPS 140-2 standard defines security requirements for cryptographic modules. Areas covered within the specification include the secure design and implementation of a cryptographic module, physical security, operational environment and cryptographic key management. Level 2 of FIPS-140 improves the physical security mechanisms of a Level 1 cryptographic module by adding the requirement for the use of tamper-evident coatings or seals on removable covers or doors of the module to guard against unauthorized access. "With traditional SSL, someone can steal components out of hardware and get those encryption keys," Hemminger says. "Our appliance is hardened so if there is a breach, the encryption information will be scrambled and rendered useless." The FIPS-certified card that is contained within the ServerIron 4G-SSL-FIPS measures a mere 6 inches by 4 inches by ½ inches (see Figure 1), giving Foundry the best price/performance in the smallest rack space (1.5U), says Hemminger. Encryption and Beyond According to Hemminger, this product is just the beginning of Foundry's commitment to the FIPS standard, which includes plans to include this capability into other Foundry products in the future. "FIPS is and will continue to be an important part of our roadmap."
Figure 1. The FIPS-certified card contained within the ServerIron 4G-SSL-FIPS measures 6 inches by 4 inches by ½ inches, and it has the power to scramble SSL encryption to protect sensitive data. |
||
