F5 LTM VE - FIPS level 1

Unfortunately my reseller and a different area F5 rep has drawn a blank on any word on future plans which does pose quite a big issue for me/my company - if anyone for F5 happens to see this post and can offer any better news please advise!

 

 

Re-reading what the HSM does I am presuming it does more than securely store the key but the F5 calls via api's my initial thought that I could achieve FIPS level by running a F5 LTM VE on a ESX server that is using FIPS certified hardware based encrypted drives I presume is wrong.

 

 

I presume that my only option to run a VE in FIPS mode is (per http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/bigip-platform-fips-administration/1.html)

 

The Thales nShield™ HSM is a network-attached HSM (netHSM™) that is available for use with BIG-IP® systems. Because it is software-based rather than hardware-based, you can use the netHSM FIPS solution with all BIG-IP platforms, including VIPRION® Series chassis. You can also use the netHSM solution with BIG-IP Virtual Edition (VE).

 

 

Unfortunately this means in many ways I lose the benefit of going to a virtual as I will need to replace the physical LTM with a physical stand alone HSM.

 

 

Matt