Manual Chapter : F5 FIPS Platform Introduction

Applies To:

Show Versions Show Versions

BIG-IP AAM

  • 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0

BIG-IP APM

  • 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0

BIG-IP LTM

  • 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0

BIG-IP AFM

  • 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0

BIG-IP DNS

  • 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0

BIG-IP ASM

  • 13.1.5, 13.1.4, 13.1.3, 13.1.1, 13.1.0
Manual Chapter

About F5 HSM/FIPS implementations

F5 offers several Federal Information Processing Standard (FIPS) approaches. For specifics on the platforms, software versions, FIPS Certificates, and document for each approach, see f5.com/about-us/certifications.

These solutions are based on the add-on license that you use:

FIPS BIG-IP Platform Module
This is a FIPS 140-2 validated BIG-IP ®system. This system requires a Full-Box FIPS add-on license. Also referred to as Platform FIPS. This system provides FIPS validation without the performance impact of using an embedded HSM.
BIG-IP System with FIPS 140-2 Validated Network HSM
This is a BIG-IP system that uses an external FIPS 140-2 validated Network HSM. This system requires an External Interface and Network HSM add-on license. Also referred to as Network FIPS. This system provides the ability for any BIG-IP system to support validated FIPS traffic.
FIPS BIG-IP Software Module
This is a FIPS 140-2 validated virtual BIG-IP system. This system requires a FIPS 140-2 Level 1 Virtual add-on license. Also referred to as VE FIPS. This provides a validated platform with the flexibility of a virtual appliance.

These solutions are based on the appliance including an embedded FIPS-validated HSM:

FIPS BIG-IP with Embedded HSM
This is a BIG-IP system with an on-board FIPS-validated HSM. This system does not require any specific add-on licenses and requires only a BIG-IP software license that is valid for the specific platform. Also referred to as Embedded FIPS. This provides the increased FIPS level that are available with an embedded FIPS HSM.
FIPS BIG-IP Platform with Embedded HSM
This is an Embedded FIPS system that is licensed with the Platform FIPS license. It provides the performance of the Platform FIPS with the increased FIPS level of the Embedded HSM. This system requires a Full-Box FIPS add-on license. Also referred to as Dual FIPS.