background image
Security Policy, Version 1.1
July 30, 2012
Blue Coat ProxySG 510 and ProxySG 810 Appliances
Page 4 of 37
© 2012 Blue Coat Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this copyright notice.
1
Introduction
1.1 Purpose
This is a non-proprietary Cryptographic Module Security Policy for the ProxySG 510 and ProxySG 810
Appliances (Models: ProxySG 510-5, 510-10, 510-20, 510-25 and ProxySG 810-5, 810-10, 810-20, 810-
25; Firmware Version: 6.1) from Blue Coat Systems, Inc..
This Security Policy describes how the
ProxySG 510 and ProxySG 810 Appliances meet the security requirements of Federal Information
Processing Standards (FIPS) Publication 140-2, which details the U.S. and Canadian Government
requirements for cryptographic modules. More information about the FIPS 140-2 standard and validation
program is available on the National Institute of Standards and Technology (NIST) and the
Communications Security Establishment Canada (CSEC) Cryptographic Module Validation Program
(CMVP) website at http://csrc.nist.gov/groups/STM/cmvp.
This document also describes how to run the appliances in a secure FIPS-Approved mode of operation.
This policy was prepared as part of the Level 2 FIPS 140-2 validation of the module. The ProxySG 510
and ProxySG 810 Appliances are referred to in this document collectively as ProxySG 510/810, crypto
module, or module.
1.2 References
This document deals only with operations and capabilities of the module in the technical terms of a FIPS
140-2 cryptographic module security policy.
More information is available on the module from the
following sources:
The Blue Coat website (www.bluecoat.com) contains information on the full line of products from
Blue Coat.
The CMVP website (http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm)
contains contact information for individuals to answer technical or sales-related questions for the
module.
1.3 Document Organization
The Security Policy document is one document in a FIPS 140-2 Submission Package. In addition to this
document, the Submission Package contains:
Vendor Evidence document
Finite State Model document
Validation Submission Summary
Other supporting documentation as additional references
This Security Policy and the other validation submission documentation were produced by Corsec Security,
Inc. under contract to Blue Coat. With the exception of this Non-Proprietary Security Policy, the FIPS
140-2 Submission Package is proprietary to Blue Coat and is releasable only under appropriate non-
disclosure agreements. For access to these documents, please contact Blue Coat.