Certifications

Updated Date: Updated Date: June 4, 2024

Government Regulations

F5 maintains an active product certification and evaluation program—aligned with government regulations—for maintaining a secure IT environment.

Federal Information Processing Standard (FIPS) 140-2 / 140-3

For BIG-IP, F5 offers several FIPS solutions to meet the most rigorous compliance requirements and architectures. For details of BIG-IP release / system validated combinations, please see the chart below.

  • The F5 FIPS BIG-IP VE incorporates a NIST-validated at FIPS 140-2 Level 1 software-based cryptographic module for x86 platforms. BIG-IP VE is also targeted for FIPS 140-3 Level 1 validation.
  • The BIG-IP tenant on rSeries and VELOS systems is targeted for NIST validation at FIPS 140-3 Level 2.
  • BIG-IP running on specific appliances and blade / chassis systems provides device-included validation at FIPS 140-2 Level 2, including application of tamper-evident stickers. Device-included validation is also targeted for FIPS 140-3 Level 2 validation.
  • F5OS-A and F5OS-C are also, with their underlying rSeries and VELOS hardware, targeted for FIPS 140-3 Level 2 validation, also with the application of tamper-evident stickers.
  • F5 also offers a select set of BIG-IP systems, which include an HSM that supports a FIPS-validated implementation for RSA cryptographic key generation, use, and protection. 
  • Finally, F5 BIG-IP supports external (network) HSMs; see the table below for details.

Key benefits of using F5 FIPS-compliant solutions:

  • High-performance SSL—Industry-leading performance, with industry recommended standards.
  • Unified platform—BIG-IP is able to consolidate an HSM that provides secure key storage with application delivery solution that has SSL key management and certificate management on a single device. Other solutions require a separate system or a FIPS-certified card for each web server, but the BIG-IP system’s key management framework allows a highly scalable secure infrastructure that can handle higher traffic levels. Organizations can also easily add new services to the infrastructure.
  • Secure resources—F5 solutions safeguard the integrity of businesses by keeping corporate resources safe and protecting corporate brands.

FIPS Integration Support in the Public Cloud

  • AWS CloudHSM – With CloudHSM, you can manage your own encryption keys using FIPS 140-2 Level 3 validated HSMs. BIG-IP v14.1.0 and AWS versions 1.0.18 and 1.1.0.
  • Equinix SmartKey – HSM-grade security in an easy-to-use cloud service with built-in encryption and tokenization, and FIPS 140-2 Level 3 certification. BIG-IP v14.1.0 and SmartKey client version 2.9.804.

F5 FIPS Cryptographic Modules

Integrated Cryptographic Modules

External Cryptographic Modules

Historical FIPS

FIPS certificates have a lifespan and when they are sunset are moved to a historical FIPS list. To find the certificate, go to the CMVP Validated Module search page and perform an Advanced search with “Validation Status” = “Historical”.

Historical FIPS: F5 FIPS Cryptographic Modules

Historical FIPS: Integrated Cryptographic Modules

DFARS 252.204-7012 / NIST SP 800-171 for Confidential Unclassified Information (CUI) is a US Department of Defense Contractor mandate as of December 2017 and is met through FIPS validated solutions covering asymmetric and symmetric crypto operations. Specific F5 FIPS platforms meet this requirement directly, or through the addition of the F5 FIPS module. See above for qualifying platforms and details.

Common Criteria for Information Technology Security Evaluation (Common Criteria, CC)

Common Criteria is an international standard (ISO 15408) for the evaluation of security properties of an IT product. This set of requirements evaluates hardware, software, firewalls, and servers. The evaluation goal is to provide a level of assurance that a device or software securely handles data and has no elements that could compromise its integrity. 

Common Criteria provides assurance to the U.S. Department of Defense and federal intelligence agencies that products they purchase follow presidential requirements for operating secure information systems. Other federal agencies and some financial enterprises find it significantly easier to buy Common Criteria-approved products for their sensitive deployments. F5 has achieved certifications against the Network Device Collaborative Protection Profile and Stateful Traffic Filtering Firewall and SSL / TLC Inspection Proxy Protection Profile Modules, as well as EAL 2+ and EAL 4+ certifications. See chart and links below for details

Common Criteria Certification

Archived Common Criteria

Commercial Solutions for Classified (CSfC)

CSfC is a National Security Agency / Central Security Service (NSA/CSS) program to enable commercial products to be used in layered solutions protecting classified National Security Systems (NSS) data. There are two parts to this program: vendors apply to have their products listed on one or more of the components lists; and then integrators can choose from products on those lists to create solutions. All listed components must have both Common Criteria Certification and FIPS validation for the product to be listed on the component list. See the table below for F5 listings.

Department of Defense Information Network Approved Product List

The US Department of Defense DoDIN APL is a single consolidated list of products that have completed Interoperability (IO) and Information Assurance (IA) certification. DoDIN APL certifications verify the system complies with and is configured consistent with the DISA Field Security Office (FSO) Security Technical Implementation Guides (STIG). See the table below for F5 listings.

For more information about the DoDIN APL process visit the DoDIN APL Testing and Certification Website.

United States Government IPv6 Conformance Certification (USGv6)

The U.S. Office of Management and Budget (OMB) declared that all federal agencies are required to use IPv6 in their networks in OMB Memorandum M-05-22. United States Government IPv6 Conformance Certification (USGv6) is a set of technical standards for the acquisition of IPv6 capable hosts, routers, and network security devices. The National Institute of Standards and Technology (NIST) created the USGv6 conformance standards to support adoption of IPv6 in the U.S. government. See the table below for F5 listings.

F5 BIG-IP is IPv6 Ready and USGv6 certified. View the announcement: F5 Receives IPv6-Ready Gold Logo and USGv6 Certifications

Joint Interoperability Test Command (JITC) Public Key Enabled (PKE)

The Joint Interoperability Test Command (JITC) of the U.S. Department of Defense Information Systems Agency (DISA) provides risk-based Test Evaluation & Certification services, tools, and environments to ensure and enable the rapid deployment of interoperable and operationally effective information technology and national security systems. Clients or servers are tested to assure they are public key enabled (PKE) and able to provide security services, such as authentication, confidentiality, non-repudiation, and access control. The JITC PKE test areas include NIST and JITC certifications, Online Certificate Status Protocol (OCSP), Certificate Revocation Lists (CRLs), and DoD Common Access Cards (CAC).

F5 BIG-IP is certified by the Department of Defense as PUBLIC KEY-ENABLED (PKE). View the announcement: F5 Receives Joint Interoperability Test Command (JITC) Certification

NIST 800-53

NIST Special Publication 800-53, Security and Privacy Controls for Federal Information Systems and Organizations, is a core standard defining how to approach information security and risk management within the federal government. Developed by NIST, DoD, the Intelligence Community, and the Committee on National Security Systems, this standard provides guidance on continuous monitoring and FISMA requirements. It also supports a risk-based approach to protecting critical missions and business functions.

F5 has distilled this 240-plus page document into an F5 iApp for NIST 800-53 Rev 4. The iApp provides several pages of relevant questions and tasks to assist the administrator in applying the relevant security controls on their BIG-IP device, saving organizations hours of management time and resources.

If your agency is looking to improve the DIACAP process, or looking to comply with FISMA, then the F5 NIST 800-53 Rev 4 iApp will help ensure the proper configuration settings on the BIG-IP are reviewed and set.

Learn more about using the F5 iApp Template

F5, Inc. Accessibility Conformance Reports

The reports below cover the degree of conformance for the following accessibility standard/guidelines:

  • Web Content Accessibility Guidelines 2
  • Revised Section 508 standards published January 18, 2017, and corrected January 22, 2018

Revised Section 508 Edition (Based on VPAT® Version 2.4) – F5 BIG-IP v17.1

Revised Section 508 Edition (Based on VPAT® Version 2.4) – F5 BIG-IP v15.1

Revised Section 508 Edition (Based on VPAT® Version 2.4) – F5 BIG-IP ASM

Revised Section 508 Edition (Based on VPAT® Version 2.4) - F5 NGINX Plus

Revised Section 508 Edition (Based on VPAT® Version 2.4) - F5 NGINX Management Suite API Connectivity Manager

Partner CNF Certification Program

Service providers want assurance that their cloud-native solution is interoperable, secure and optimized for performance and efficiency. F5 and its partners will certify set-up, onboarding, integration, deployment, and life cycle management of F5 BIG-IP Next SPK and Carrier-Grade Aspen Mesh in a cloud-native environment with vendor CNFs.

Learn about the program ›
 

Additional Certifications

To get more information on the many other certifications F5 holds, contact F5 sales.
 

FIPS logo

F5 FIPS Cryptographic Modules

F5 Model BIG-IP Software Release NIST Validated Cryptographic Module(s) Consolidated Validation Certificate(s) Additional Notes

r4000 series, r5000 series including r5920-DF, r10000 series, including r10920-DF

VELOS BX110/CX410

17.1.01

F5 BIG-IP Tenant Cryptographic Module

FIPS 140-3
Level 2
(Under test)

Supported:

DFARS 252.204-7012 / NIST SP 800-171 for CUI

Virtual Edition on the following hypervisors:

  • VMware ESXi
  • Hyper-V
  • KVM on Centos 7

Vendor Affirmation for

  • AWS 
  • Azure

17.1.01

Cryptographic Module for BIG-IP

FIPS 140-3
Level 1
(Under test)

Supported:

DFARS 252.204-7012 / NIST SP 800-171 for CUI

i4000, i5000, i5820-DF, i7000, i7820-DF, i10800, i11800-DS, i15800, i15820-DF

VIPRION B2250/B4450

17.1.01

F5 Device Cryptographic Module

FIPS 140-3
Level 2
(Under test)

Supported:

DFARS 252.204-7012 / NIST SP 800-171 for CUI

Virtual Edition on the following hypervisors:

  • VMware ESXi
  • Hyper-V
  • KVM on Centos 7

Vendor Affirmation for

  • AWS
  • Azure

16.1.3.1

Cryptographic Module for BIG-IP

FIPS 140-3
Level 1
(In process)

Supported:

DFARS 252.204-7012 / NIST SP 800-171 for CUI

i4000, i5000, i5820-DF, i7000, i7820-DF, i10800, i11800-DS, i15800, i15820-DF

VIPRION B2250/B4450

16.1.3.1

F5 Device Cryptographic Module

FIPS 140-3
Level 2
(In process)

Supported:

DFARS 252.204-7012 / NIST SP 800-171 for CUI

Virtual Edition on the following hypervisors:

  • VMware ESXi
  • Hyper-V
  • KVM on Centos 7

Vendor Affirmation for

  • AWS
  • Azure

15.1.2.1

Cryptographic Module for BIG-IP

FIPS 140-2
Level 1: 4418

Supported:

DFARS 252.204-7012 / NIST SP 800-171 for CUI

10350v-F

i4000, i5000, i5820-DF, i7000, i7820-DF, i10800, i11800-DS, i15800

VIPRION B2250/B4450

15.1.2.1

F5 Device Cryptographic Module

FIPS 140-2
Level 2: 4417

Supported:

DFARS 252.204-7012 / NIST SP 800-171 for CUI

vCMP oni5000, i5820-DF, i7000, i7820-DF, i15800

 VIPRION B2250/B4450

15.1.2.1

F5 vCMP Cryptographic Module

FIPS 140-2
Level 2: 4414

Supported:

DFARS 252.204-7012 / NIST SP 800-171 for CUI

BIG-IP tenant on VELOS BX110

14.1.4.2

Cryptographic Module for BIG-IP

FIPS 140-2
Level 1: 4408

Supported:

DFARS 252.204-7012 / NIST SP 800-171 for CUI

Virtual Edition on the following hypervisors:

  • VMware ESXi
  • Hyper-V
  • KVM on Centos 7

Vendor Affirmation for

  • AWS
  • Azure

14.1.2

Cryptographic Module for BIG-IP

FIPS 140-2
Level 1: 4505
 

Supported:

DFARS 252.204-7012 / NIST SP 800-171 for CUI

10350v-F, i7800

14.1.2

F5 Device Cryptographic Module

FIPS 140-2
Level 2: 4465

Supported:

DFARS 252.204-7012 / NIST SP 800-171 for CUI

Virtual Edition on the following hypervisors:

  • VMware ESXi
  • Hyper-V

Vendor Affirmation for

  • AWS
  • Azure

14.1.0.3

Cryptographic Module for BIG-IP

FIPS 140-2
Level 1: 4505

Supported:

DFARS 252.204-7012 / NIST SP 800-171 for CUI

5250v-F, 7200v-F, 10200v-F, 10350v-F

i4000, i5000, i5820-DF, i7000, i7820-DF, i10800, i11800-DS, i15800

VIPRION B2250/B4450

14.1.0.3

F5 Device Cryptographic Module

FIPS 140-2
Level 2: 4471

Supported:

DFARS 252.204-7012 / NIST SP 800-171 for CUI

vCMP on

i5000, i5820-DF, i7000, i7820-DF, i15800

VIPRION B2250/B4450

14.1.0.3

F5 vCMP Cryptographic Module

FIPS 140-2
Level 2: 4477

Supported:

DFARS 252.204-7012 / NIST SP 800-171 for CUI

 

       

F5 OS

F5 Model Software Release NIST Validated Cryptographic Module(s) Consolidated Validation Certificate(s) Additional Notes

 

VELOS BX110/CX410

F5OS-C 1.6.0

F5OS-C Cryptographic Module

FIPS 140-3
Level 2
(Under test)

 

r4000 series, r5000 series including r5920-DF, r10000 series, including r10920-DF

F5OS-A 1.5.1

F5OS-A Cryptographic Module

FIPS 140-3
Level 2
(Under test)
 

Integrated Cryptographic Modules

The integrated HSM is FIPS-validated, but the BIG-IP systems are not themselves FIPS 140-2/3 Level 3 validated.

 

F5 Model
Integrated Modules
NIST Validated Cryptographic Module(s) Consolidated Validation Certificate(s) Additional Notes
r5920-DF, r10920-DF NITROXIII CNN35XX-NFBE HSM Family FIPS 140-3
Level 3
(Under test)

NITROXIII is FIPS-inside

Partially supported:

DFARS 252.204-7012 / NIST SP 800-171 for CUI

10350v-F, i5820-DF, i7820-DF, i15820-DF NITROXIII CNN35XX-NFBE HSM Family FIPS 140-2
Level 3: 4263

NITROXIII is FIPS-inside

Partially supported:

DFARS 252.204-7012 / NIST SP 800-171 for CUI

External Cryptographic Modules

 

F5 Systems
External Modules
NIST Validated Cryptographic Module(s) Consolidated Validation Certificate(s) Additional Notes
BIG-IP, VIPRION, and Virtual Edition v11.2 and above

Thales

nShield Connect 500+,

nShield Connect 1500+,

nShield Connect 6000+

FIPS 140-2
Level 2: 1203 and 1733

FIPS 140-2
Level 3: 1197 and 1742

Not supported: DFARS 252.204-7012 / NIST SP 800-171
BIG-IP, VIPRION, and Virtual Edition v11.5 and above SafeNet Luna SA 6000

FIPS 140-2
Level 2: 1347

FIPS 140-2
Level 3: 1167

Not supported: DFARS 252.204-7012 / NIST SP 800-171

 

 

 

Historical FIPS: F5 FIPS Cryptographic Modules

F5 Model BIG-IP Software Release NIST Validated Cryptographic Modules Consolidated Validation Certificate(s) Additional Notes

Virtual Edition on the following hypervisors:

  • VMware ESXi
  • Hyper-V
  • KVM on Centos 7

Vendor Affirmation for

  • AWS
  • Azure
14.1.2 Cryptographic Module for BIG-IP FIPS 140-2
Level 1: 3596 (Replaced by 4505)

Supported:

DFARS 252.204-7012 / NIST SP 800-171 for CUI

10350v-F, i7800

14.1.2 F5 Device Cryptographic Module FIPS 140-2
Level 2: 3841 (Replaced by 4465)

Supported:

DFARS 252.204-7012 / NIST SP 800-171 for CUI

Virtual Edition on the following hypervisors:

  • VMware ESXi
  • Hyper-V

Vendor Affirmation for

  • AWS
  • Azure
14.1.0.3 Cryptographic Module for BIG-IP FIPS 140-2
Level 1: 3596 (Replaced by 4505)

Supported:

DFARS 252.204-7012 / NIST SP 800-171 for CUI

5250v-F, 7200v-F, 10200v-F, 10350v-F

i4000, i5000, i5820-DF, i7000, i7820-DF, i10800, i11800-DS, i15800

VIPRION B2250/B4450

14.1.0.3 F5 Device Cryptographic Module FIPS 140-2
Level 2: 3629
(Replaced by 4471)

Supported:

DFARS 252.204-7012 / NIST SP 800-171 for CUI

vCMP on

i5000, i5820-DF, i7000, i7820-DF, i15800

VIPRION B2250/B4450

14.1.0.3 F5 vCMP Cryptographic Module FIPS 140-2
Level 2: 3623 (Replaced by 4477)

Supported:

DFARS 252.204-7012 / NIST SP 800-171 for CUI

Virtual Edition on the following hypervisors:

  • VMware ESXi
  • Hyper-V

Vendor Affirmation for

  • AWS
  • Azure
13.1.1 Cryptographic Module for BIG-IP FIPS 140-2
Level 1: 2911

Supported:

DFARS 252.204-7012 / NIST SP 800-171 for CUI

4000, 5250v-F, 7200v-F, 10200v-F, 10350v-F

i4000, i5000, i5820-DF, i7000, i7820-DF, i10800, i11800-DS, i15800

VIPRION B2250/B4450

13.1.1 F5 Device Cryptographic Module FIPS 140-2
Level 2: 3450

Supported:

DFARS 252.204-7012 / NIST SP 800-171 for CUI

vCMP on

VIPRION B2250/B4450

13.1.1 F5 vCMP Cryptographic Module FIPS 140-2
Level 2: 3439

Supported:

DFARS 252.204-7012 / NIST SP 800-171 for CUI

4000, 7000, 10350v-F

i4000, i5000, i7000

VIPRION B2250/B4450

13.1.0 F5 Device Cryptographic Module FIPS 140-2
Level 2: 3142

Supported:

DFARS 252.204-7012 / NIST SP 800-171 for CUI

vCMP on

VIPRION B2250/B4450

13.1.0 F5 vCMP Cryptographic Module FIPS 140-2
Level 2: 3179

Supported:

DFARS 252.204-7012 / NIST SP 800-171 for CUI

Virtual Edition on the following hypervisors:

  • VMware ESXi
  • Hyper-V

Vendor Affirmation for

  • AWS
  • Azure
12.1.2 HF1 Cryptographic Module for BIG-IP FIPS 140-2
Level 1: 2911
DFARS 252.204-7012 / NIST SP 800-171 for CUI

Historical FIPS: Integrated Cryptographic Modules

The integrated HSM is FIPS-validated, but the BIG-IP systems are not themselves FIPS 140-2/3 Level 3 validated.

F5 Model
Integrated Modules
NIST Validated Cryptographic Module(s) Consolidated Validation Certificate(s) Additional Notes
10350v-F, i5820-DF, i7820-DF, i15820-DF NITROXIII CNN35XX-NFBE-G HSM Family FIPS 140-2
Level 3: 4263

NITROXIII is FIPS-inside

Partially supported:

DFARS 252.204-7012 / NIST SP 800-171 for CUI

5250v-F, 7200v-F, 10200v-F NITROX XL CN16XX-NFBE HSM Family FIPS 140-2
Level 3: 1369

NITROX XL is FIPS-inside

Partially supported:

DFARS 252.204-7012 / NIST SP 800-171 for CUI

BIG-IP 6900F, 8900F Integrated Module:
Cavium Nitrox XL CN1520-VBD-04-0201
FIPS 140-2
Level 2: 1360
Level 3: 1361
 

CCC logo

Common Criteria Certification

F5 Model Software Release Certification Information Security Target

r4000 series, r5000 series including r5920-DF, r10000 series, including r10920-DF

 

VELOS BX110/CX410

 

i4000 series, i5000 series including i5820-DF, i7000 series including i7820-DF, i10000-series, i11000-series, i15000-series including i15820-DF

VIPRION B2250/B4450

BIG-IP Virtual Edition on the following hypervisors:

  • VMware ESXi 8.0.0
  • Hyper-V version 10.0 on Windows Server 2022 Standard
  • KVM on Ubuntu 22.04.1

 

17.1.0.1 LTM+AFM

(Under test)

Collaborative Protection Profile for Network Devices v2.2e

PP Module for Stateful Traffic Filter Firewalls Version 1.4e

r4000 series, r5000 series including r5920-DF, r10000 series, including r10920-DF

 

VELOS BX110/CX410

 

i4000 series, i5000 series including i5820-DF, i7000 series including i7820-DF, i10000-series, i11000-series, i15000-series including i15820-DF

VIPRION B2250/B4450

BIG-IP Virtual Edition on the following hypervisors:

  • VMware ESXi 8.0.0
  • Hyper-V version 10.0 on Windows Server 2022 Standard
  • KVM on Ubuntu 22.04.1

 

17.1.0.1 LTM+APM

(Under test)

Collaborative Protection Profile for Network Devices v2.2e

r4000 series, r5000 series including r5920-DF, r10000 series, including r10920-DF

 

VELOS BX110/CX410

 

i4000 series, i5000 series including i5820-DF, i7000 series including i7820-DF, i10000-series, i11000-series, i15000-series including i15820-DF

VIPRION B2250/B4450

17.1.0.1 SSL  Orchestrator

(Under test)

Collaborative Protection Profile for Network Devices v2.2e

PP-Module for SSL/TLS Inspection Proxy v1.1

i4000 series, i5000 series including i5820-DF, i7000 series including i7820-DF, i10000-series, i11000-series, i15000-series including i15820-DF

VIPRION B2250/B4450

vCMP

BIG-IP Virtual Edition on the following hypervisors:

  • VMware ESXi 6.5.0
  • Hyper-V version 10.0 on Windows Server 2019
  • KVM on Centos 7

16.1.3.1 LTM+AFM

CSEC2021014

NIAP PCL

Collaborative Protection Profile for Network Devices v2.2e

PP Module for Stateful Traffic Filter Firewalls Version 1.4e

i4000 series, i5000 series including i5820-DF, i7000 series including i7820-DF, i10000-series, i11000-series, i15000-series including i15820-DF

VIPRION B2250/B4450

vCMP

BIG-IP Virtual Edition on the following hypervisors:

  • VMware ESXi 6.5.0
  • Hyper-V version 10.0 on Windows Server 2019
  • KVM on Centos 7

16.1.3.1 LTM+APM

CSEC2021012

NIAP PCL

Collaborative Protection Profile for Network Devices v2.2e

i4000 series, i5000 series including i5820-DF, i7000 series including i7820-DF, i10000-series, i11000-series, i15000-series including i15820-DF

VIPRION B2250/B4450

vCMP

16.1.3.1 SSL  Orchestrator

(Under test)

Collaborative Protection Profile for Network Devices v2.2e

PP-Module for SSL/TLS Inspection Proxy v1.1

10350v-F

i5000 series including i5820-DF, i7000 series including i7820-DF, i10000-series, i11000-series, i15000-series

VIPRION B2250/B4450

vCMP

BIG-IP Virtual Edition on the following hypervisors:

  • VMware ESXi 6.5.0
  • Hyper-V version 10.0 on Windows Server 2019
  • KVM on Centos 7

15.1.2.1 LTM+AFM

CSEC2020017
NIAP PCL

Collaborative Protection Profile for Network Devices v2.e

PP Module for Stateful Traffic Filter Firewalls Version 1.4e2

10350v-F

i5000 series including i5820-DF, i7000 series including i7820-DF, i10000-series, i11000-series, i15000-series

VIPRION B2250/B4450

vCMP

BIG-IP Virtual Edition on the following hypervisors:

  • VMware ESXi 6.5.0
  • Hyper-V version 10.0 on Windows Server 2019
  • KVM on Centos 7

15.1.2.1 LTM+APM

CSEC2020016
NIAP PCL

Collaborative Protection Profile for Network Devices v2e

BIG-IP tenant on VELOS BX110

14.1.4.2 LTM+AFM

CSEC2020024
NIAP PCL

Collaborative Protection Profile for Network Devices v2.2e

PP Module for Stateful Traffic Filter Firewalls Version 1.4e

BIG-IP tenant on VELOS BX110

14.1.4.2 LTM+APM

CSEC2020025
NIAP PCL

Collaborative Protection Profile for Network Devices v2.2e

BIG-IP Virtual Edition on the following hypervisors:

  • VMware ESXi 6.5.0
  • Hyper-V version 10.0 on Windows Server 2019
  • KVM on Centos 7

14.1.2 LTM+AFM

CSEC 2019021

NIAP PCL

Collaborative Protection Profile for Stateful Traffic Filter Firewalls Version 2.0e

BIG-IP Virtual Edition on the following hypervisors:
  • VMware ESXi 6.5.0
  • Hyper-V version 10.0 on Windows Server 2019
  • KVM on Centos 7

14.1.2 LTM+APM

CSEC 2019022

NIAP PCL

Collaborative Protection Profile for Network Devices Version 2.1

10350v-F

I5000 series including i5820-DF, i7000 series including i7820-DF, i10000-series, i11000-series, i15000-series

VIPRION B2250/B4450

vCMP

14.1.0.3 LTM+AFM

CSEC 2019003

NIAP PCL

Collaborative Protection Profile for Stateful Traffic Filter Firewalls Version 2.0e

10350v-F

I5000 series including i5820-DF, i7000 series including i7820-DF, i10000-series, i11000-series, i15000-series

VIPRION B2250/B4450

vCMP

14.1.0.3 LTM+APM

CSEC 2019004

NIAP PCL

Collaborative Protection Profile for Network Devices v2.1

10350v-F

i5000-series, i7000-series, i10000-series, i11000-series, i15000-series

VIPRION B2250/B4450

vCMP

13.1.1 LTM+AFM

CSEC 2017016

NIAP PCL

Collaborative Protection Profile for Stateful Traffic Filter Firewalls Version 2.0e

10350v-F

i5000-series, i7000-series, i10000-series, i11000-series, i15000-series

VIPRION B2250/B4450

vCMP

13.1.1 LTM+APM

CSEC 2017021

NIAP PCL

Collaborative Protection Profile for Network Devices Version 2.0e

10350v-F

i5000-series, i7000-series

VIPRION B2250/B4450

vCMP

12.1.3.4 LTM+AFM

CSEC 2017004

NIAP PCL

Collaborative Protection Profile for Stateful Traffic Filter Firewalls Version 1.0

10350v-F

i5000-series, i7000-series

VIPRION B2250/B4450

vCMP

12.1.3.4 LTM+APM

CSEC 2017005

NIAP PCL

Collaborative Protection Profile for Network Devices Version 1.0

 

Archived Common Criteria

F5 Model Software Release Certification Information Security Target Additional Notes
BIG-IP 11.5.1 ADF-Base (LTM+AFM) BSI-DSZ-CC-0856-2017 EAL4+

Security Target

Based on the NIAP Protection profile for Network Devices Version 1.1 and Network Device Protection Profile Extended Package Stateful Traffic Filter Firewall Version 1.0

BIG-IP 11.5.1 ADC-AP (LTM+APM) BSI-DSZ-CC-0975-2018 EAL4+

Security Target

Based on the NIAP Protection profile for Network Devices Version 1.1

BIG-IP 6900, 8900, 11050 10.2.2 LTM + ACA+ PSM NIAP Common Criteria Certificate EAL 2+ F5 Networks BIG-IP Local Traffic Manager Security Target

Commercial Solutions for Classified (CSfC)

F5 Product Component Listing
BIG-IP 15.1.2.1 Traffic Filtering Firewall
TLS Protected Servers
BIG-IP 14.1.2 Traffic Filtering Firewall
TLS Protected Servers
BIG-IP 14.1.0.3 Traffic Filtering Firewall
TLS Protected Servers
BIG-IP 13.1.1 Traffic Filtering Firewall
BIG-IP 12.1 LTM+AFM Traffic Filtering Firewall

Department of Defense Information Network Approved Product List

Cert / TN Number Product External Certification
  F5 Networks BIG-IP Rel. 15.1 (Under test)
1906001 F5 Networks BIG-IP Rel. 14.1 Certification
1630801 F5 Networks BIG-IP Rel. 13.1 Certification
1312201 F5 Networks BIG-IP Rel. 11.6 Certification

United States Government IPv6 Conformance Certification (USGv6)

F5 Platforms Product Version Certification Information
BIG-IP i-series 14.1.0.3 Logo ID: 02-C-001985 
BIG-IP Virtual Edition 13.1.3 build 4 Logo ID: 02-C-001912
VIPRION B2250 13.1.1 build 4 Logo ID: 02-C-001900
BIG-IP i10000 series 13.1.1 build 4 Logo ID: 02-C-001799
BIG-IP 12.1.0 build 0.0.1434 Gold Logo ID: 02-C-001578
BIG-IP 12.1.0 build 0.0.1434 Gold Logo ID: 02-C-001514
BIG-IP 11.6.0 HF6 build 0.442 Logo ID: 02-C-001463
BIG-IP 11.5.2 build 141.0 Logo ID: 02-C-001426
BIG-IP 11.4.1 build 635.0 Logo ID: 02-C-001282
BIG-IP 10000 series 11.3.0 build 3248.0 Gold Logo ID: 02-C-001106
BIG-IP 10000 series, VIPRION B4300 series 11.3.0 and all later versions USGv6
Results by UNH-IOL
BIG-IP 10000 series 11.3, 12.1 IPv6 Gold
Phase-2 Gold Logo ID #02-C-001106

Joint Interoperability Test Command (JITC) Public Key Enabled (PKE)

F5 Model Certification Details Comments
BIG-IP v 11.2 Certified Works with DoD Common Access Cards (CAC)