Manual Chapter :
New Features in this Version
Applies To:
Show Versions
F5OS-A
- 1.5.3
New Features in this Version
Software
This release adds support to the F5 r5000/r10000 FIPS platforms with the latest Hardware Security Module (HSM) firmware version integrated with the software.
F5 recommends upgrading your system with the latest software, HSM firmware, and Tenant software simultaneously. This ensures optimal performance, compatibility, and access to the latest SDK.
For more information, refer to section Firmware upgrades for hardware HSMs in the guide F5 rSeries Systems: Administration and Configuration.
This release includes a following limitation for the r5920-DF and r1920-DF FIPS Platforms.
- The HSM does not support RSA for Key Exchange.
- According to FIPS 140-3 standards,PKCS#1 v1.5 is deprecated due to security vulnerabilities.The utilization of RSA Key exchange algorithms, in combination with TLS 1.2 and earlier versions, relies on PKCS#1 v1.5 for the encryption of the pre-master secret during the key exchange procedure. This recent modification has resulted in potential connection failures for servers and clients attempting to employ TLS 1.2 and earlier versions with the RSA key exchange.For encryption, FIPS-compliant systems must use key wrapping methods or hybrid encryption with approved algorithms.To ensure the ongoing security of your connectivity, F5 strongly recommends you to transition away from the deprecated froms of RSA key exchange. For more information, refer K000149742: F5 rSeries F5OS-A 1.5.3 FIPS upgrade guidance.
Tenants
- For information about supported tenants, see theF5 rSeries hardware productssection of the F5 hardware/software compatibility matrix.
