BLOG

New FIPS and Turbo SSL Appliances

F5 缩略图
F5
Published July 09, 2018

In a world where attacks and breaches happen almost every day, securing your applications is mission-critical no matter whether you are in government, healthcare, financial services, or any other business. Fundamentally, almost every aspect of our life revolves around data, and the growth of digitalization seems to lead nearly every industry and business to collect and transmit sensitive data as a standard business practice. This indeed highlights the importance for businesses to improve their security controls and countermeasures. And, as times passes, there are new rules and regulations being formed every day to support the same.

In May, EU’s General Data Protection Regulation (GDPR) came into effect, setting rules which give EU citizens more control over their personal data. Under terms of GDPR, organizations operating within the EU as well as any organization doing business in the EU have to make sure that all personal data that is collected must be gathered legally and must be protected from any misuse or exploitation. The organizations who fail to do so will face penalties such as fines or giving up a certain percentage of their global turnover. Because GDPR is a regulation and not a directive, it forces organizations to not just comply with it but also strengthen and tighten their security standards across the globe.

Another example of increased security requirements is President Trump’s Executive Order from last year that focuses on strengthening the Cybersecurity of Federal Networks and Critical Infrastructure, requiring all heads of executive agencies and departments to modernize and strengthen the cybersecurity utilized within federal networks and critical infrastructure.

In this changing business landscape, the need for more secure applications and tighter controls over data is inevitable. F5 understands this need and is committed to providing secure infrastructure, no matter whether you are on-prem or in the cloud.

There are many FIPS requirements that deal with different elements of security. One that is most applicable to the network and cloud security world is FIPS 140-2, which applies to cryptographic module security accreditation: the validation and certification of the security for the combination of hardware, software, and firmware executing cryptographic functions. Many U.S. federal and Canadian government agencies – in addition to security-conscious enterprises – require that their network and security equipment adhere to and are compliant with FIPS 140-2 standards.

Within FIPS 140-2, there are four additional security levels. The most commonly applied standards are FIPS 140-2 Level 2, which requires tamper-evident means to indicate physical access to cryptographic keys or a security parameter; and, FIPS 140-2 Level 3, which adds tamper-resistance, an additional means of detection to the tamper-evident methods of Level 2, as well as a response to physical access attempts, or to cryptographic module use or tampering.

F5 is pleased to announce the general availability of 5 new hardware appliances. The two new FIPS 140-2 compliant iSeries models (i5820-DF and i7820-DF), and three new iSeries variants with Turbo SSL (i11800-DS, i11600-DS, and i11400-DS).

The FIPS and Turbo SSL iSeries appliances replace existing ”BIG-IP Standard Series” platform equivalents and offer far better price/performance that is characteristic of the next-generation F5 iSeries appliance portfolio. 

The two new FIPS models are cost-effective appliances with greater SSL TPS and incorporate the Cavium Nitrox III FIPS 140-2 Level 3 certified HSM.

The other 3 appliances are Turbo SSL iSeries from a single hardware platform with three different performance tiers. All three platforms offer vCMP, HW Compression, and TurboFlex capabilities. The i11800-DS, i11600-DS, and i11400-DS now have 7x better ECC performance and 2x better bulk encryption versus the Standard series equivalents. This improvement in performance has become important with the finalization and deployments of the TLS 1.3 and with adoption of Perfect Forward Secrecy (PFS).

In conclusion, as the business landscape evolves throughout the world, applications are positioned as the most important asset of the digital enterprise. Effective management of this application capital is extremely critical for the growth of revenue and innovation, along with differentiation and value creation for the modern enterprise. F5 is committed to addressing these aspects and protecting every application anywhere, along with meeting all security compliance requirements.

Look forward to more advancements from F5 in the future.

Additional Resources