NSX can be configured to use FIPS 140-2 validated cryptographic modules to comply with FIPS requirements. The modules are validated to FIPS 140-2 standards by the NIST Cryptographic Module Validation Program (CMVP).
All exceptions to FIPS compliance can be retrieved using the compliance report. See View Compliance Status Report for more information.
- VMware’s BoringCrypto Module 3.0: Certificate #4028
- VMware’s OpenSSL FIPS Object Module version 2.0.20-vmw: Certificate #3857
- BC-FJA (Bouncy Castle FIPS Java API) version 1.0.2.1: Certificate #3673
- VMware’s IKE Crypto Module version 1.1.0: Certificate #3435
- VMware’s VPN Crypto Module version 2.0: Certificate #4286
You can find more information about the cryptographic modules that VMware has validated against the FIPS 140-2 standard here: https://www.vmware.com/security/certifications/fips.html.
By default, load balancer uses modules that have FIPS mode turned off. You can turn on FIPS mode for the modules used by load balancer. See Configure Global FIPS Compliance Mode for Load Balancer for more information.
