About the Riverbed cryptographic security module
RCSM v1.1 defines the cryptographic module that separates the cryptography that is FIPS compliant from the rest of the Riverbed system.
The RCSM is compatible with FIPS 140-2 Level 1 requirements. Unlike FIPS 140-2 Level 2 validation, which requires physical security mechanisms, Level 1 validates the software only.
You can achieve FIPS compliance on any Riverbed system that supports Riverbed software that contains the RCSM.
The RCSM appears as the validated cryptographic module on the NIST vendor page instead of a specific Riverbed appliance. The NIST vendor page is available at this URL:
Throughout this guide, FIPS mode and FIPS compliance refer to use of the RCSM.
The NIST vendor page lists the first qualified version of the Riverbed software. Riverbed has maintained compliance through subsequent releases because the underlining RCSM has not changed, and the protocols that use the RCSM in subsequent Riverbed releases not listed on the NIST page have not changed.
This guide is updated with new and relevant information for the features that impact FIPS as they have evolved.