background image
ProxySG 900 Series Security Policy, Version 0.7
May 29, 2014
Blue Coat ProxySG 900 Series
Page 8 of 40
© 2014 Blue Coat Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this copyright notice.
2.2 Module Specification
For the FIPS 140-2 validation, the crypto module was tested on the following SG900
appliance
configurations:
Table 3 SG900 Appliance Configurations
Hardware Version
Model
Proxy Edition
MACH5 Edition
SG900-10B
090-02988
090-02989
SG900-20
090-02903
090-02902
SG900-30
090-02905
090-02904
SG900-45
090-02909
090-02908
SG900-55
090-02979
090-02980
The Proxy edition and MACH5 edition hardware version numbers represent licensing options available.
The MACH5 and Proxy editions run on the exact same hardware and firmware and are exactly the same
from a cryptographic functionality and boundary perspective. The MACH5 and Proxy editions vary in
only data processing capabilities; the Crypto Officer and User services of the module are identical for both
licensing editions. Table 1 above provides a mapping between the capabilities and the licensing edition.
The SG900 offers an affordable rack-mountable appliance solution for small enterprises and branch offices
that have direct access to the Internet. The front panel, as shown in Figure 2 below, has 1 Liquid Crystal
Display (LCD) interface, 2 Light Emitting Diodes (LEDs), and six control buttons (NOTE: the front panel
control buttons are disabled in FIPS-Approved mode). Connection ports are at the rear, as shown in Figure
3.
Figure 2 SG900 (Front View)
For the FIPS 140-2 validation, the module was tested on the following SG900 appliance configurations:
SG900 (SG900-10B, SG900-20, SG900-30, SG900-45, SG900-55) with a Cavium CN1610 PCI-e9
SSL HAC
The SG900 is a hardware module with a multi-chip standalone embodiment. The overall security level of
the module is 2. The cryptographic boundary of the SG900 is defined by the appliance chassis, which
surrounds all the hardware and firmware. The module firmware, version 6.5.1.103, contains the SGOS 6.5
Cryptographic Library version 3.1.1.
9 PCI-e ­ Peripheral Component Interconnect Express