| Standard | FIPS 140-3 |
|---|---|
| Overall level | 1 |
| Module type | Software |
| Embodiment | Multi-Chip Stand Alone |
| Status | Active |
| Sunset date | 12/15/2030 |
| Caveat | When installed, initialized and configured as specified in Section 11.1.4 of the Security Policy. |
| Vendor | Cloud Software Group |
| Algorithm | ACVP Cert |
|---|---|
| AES-CBC | A3942 |
| AES-CFB128 | A3942 |
| AES-CTR | A3942 |
| AES-GCM | A3942 |
| Counter DRBG | A3942 |
| ECDSA KeyGen (FIPS186-4) | A3942 |
| ECDSA KeyVer (FIPS186-4) | A3942 |
| ECDSA SigGen (FIPS186-4) | A3942 |
| ECDSA SigVer (FIPS186-4) | A3942 |
| HMAC-SHA-1 | A3942 |
| HMAC-SHA2-256 | A3942 |
| HMAC-SHA2-384 | A3942 |
| HMAC-SHA2-512 | A3942 |
| KAS-ECC-SSC Sp800-56Ar3 | A3942 |
| KAS-FFC-SSC Sp800-56Ar3 | A3942 |
| KDF IKEv1 (CVL) | A3942 |
| KDF IKEv2 (CVL) | A3942 |
| KDF SNMP (CVL) | A3942 |
| KDF SSH (CVL) | A3942 |
| KDF TLS (CVL) | A3942 |
| KTS-IFC | A3942 |
| PBKDF | A3942 |
| RSA KeyGen (FIPS186-4) | A3942 |
| RSA SigGen (FIPS186-4) | A3942 |
| RSA SigVer (FIPS186-4) | A3942 |
| SHA-1 | A3942 |
| SHA2-256 | A3942 |
| SHA2-384 | A3942 |
| SHA2-512 | A3942 |
| TLS v1.2 KDF RFC7627 (CVL) | A3942 |
| Hash DRBG | A3943 |
| HMAC-SHA2-224 | A3943 |
| KDF SP800-108 | A3943 |
| RSA SigVer (FIPS186-2) | A3943 |
| SHA2-224 | A3943 |
| TLS v1.3 KDF (CVL) | A3943 |
| SHA3-256 | A3513 |
| Requirement area | Level |
|---|---|
| Cryptographic Module Specification | 2 |
| Cryptographic Module Interfaces | 3 |
| Roles, Services, and Authentication | 4 |
| Software/Firmware Security | 5 |
| Operational Environment | 6 |
| Self-Tests | 1 |
flowchart LR
%% Deterministic review-risk graph for NetScaler Virtual Appliance
%% Review prompts and evidence gaps, NOT vulnerability findings.
subgraph CMVP["CMVP-disclosed clues"]
C2["[high] Firmware update / recovery<br/>/ rollback services<br/><i>Exchange routing information<br/>Software load</i>"]
C3["[high] Unauthenticated /<br/>self-test / status service<br/>surface<br/><i>AES for Disk Encryption<br/>AES for AES Key<br/>AES for TLS Ticket</i>"]
C5["[low] Protocol / secure-channel<br/>references (may be KDF<br/>names, not a live channel)<br/><i>TLS<br/>SSH<br/>IKEV</i>"]
C6["[low] Operating system / runtime<br/>referenced (boundary<br/>membership not asserted)<br/><i>operating system<br/>application</i>"]
end
subgraph Inference["Derived inference"]
I2["Trusted code is reachable<br/>through update and<br/>recovery paths."]
I3["Some services may process<br/>input before, or without,<br/>operator authentication."]
I5["Possible only, a protocol<br/>is referenced, but whether<br/>it is a live channel or<br/>only a KDF/algorithm name<br/>is unconfirmed."]
I6["Possible only, a<br/>runtime/OS is referenced,<br/>but its membership in the<br/>cryptographic boundary is<br/>not established."]
end
subgraph Risk["Reviewer question"]
R2["Are update images<br/>authenticated before<br/>parsing, and are<br/>downgrade/rollback paths<br/>constrained?"]
R3["Can unauthenticated<br/>services leak state,<br/>consume resources, or<br/>transition security state?"]
R5["If a live TLS/SSH/IKE<br/>channel exists, could<br/>library CVEs apply, or is<br/>this only a<br/>KDF/documentation name?"]
R6["If the OS/runtime is<br/>in-boundary, could its<br/>CVEs be hidden by<br/>firmware-only versioning?"]
end
subgraph Evidence["Evidence needed to close"]
E2["update image format ·<br/>signature-before-parse<br/>proof · anti-rollback /<br/>downgrade policy"]
E3["pre-auth reachability<br/>matrix · rate limits and<br/>output redaction ·<br/>abuse-case tests"]
E5["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>library identity and<br/>version ·<br/>certificate-validation<br/>behaviour · protocol-CVE<br/>disposition"]
E6["confirm the disclosure<br/>itself (keyword hit,<br/>context unverified) ·<br/>runtime identity and<br/>config · kernel/runtime<br/>hardening profile ·<br/>patch/backport manifest"]
end
C2 --> I2 --> R2 --> E2
C3 --> I3 --> R3 --> E3
C5 --> I5 --> R5 --> E5
C6 --> I6 --> R6 --> E6
classDef clue fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef infer fill:#fff7e6,stroke:#b98500,color:#6b4e00;
classDef risk fill:#fbe9e9,stroke:#b02a2a,color:#7a1f1f;
classDef evidence fill:#e6f4ea,stroke:#1e7d34,color:#14532d;
class C2,C3,C5,C6 clue;
class I2,I3,I5,I6 infer;
class R2,R3,R5,R6 risk;
class E2,E3,E5,E6 evidence;flowchart LR
%% Deterministic clue tier for NetScaler Virtual Appliance
%% confidence: high = structured record field; medium = structured but soft; low (dashed) = bare keyword hit, context unverified
subgraph CMVP["CMVP-disclosed clues (deterministic)"]
C2["[high] Firmware update / recovery / rollback services<br/><i>Exchange routing information<br/>Software load</i><br/>src: securityPolicy.services"]
C3["[high] Unauthenticated / self-test / status service surface<br/><i>AES for Disk Encryption<br/>AES for AES Key<br/>AES for TLS Ticket</i><br/>src: securityPolicy.services"]
C5["[low] Protocol / secure-channel references (may be KDF names, not a live channel)<br/><i>TLS<br/>SSH<br/>IKEV</i><br/>src: text:keyword"]
C6["[low] Operating system / runtime referenced (boundary membership not asserted)<br/><i>operating system<br/>application</i><br/>src: text:keyword"]
end
classDef clueHigh fill:#eef3f9,stroke:#2f6fb0,stroke-width:2px,color:#1f3a5f;
classDef clueMedium fill:#eef3f9,stroke:#6f7f91,color:#1f3a5f;
classDef clueLow fill:#f7f7f7,stroke:#999,stroke-dasharray:4 4,color:#444;
class C2,C3 clueHigh;
class C5,C6 clueLow;Cloud Software Group NetScaler Virtual Appliance Software Version: 13.1.FIPS FIPS Security Level: 1 Document Version: 0.5 Prepared for: Prepared by: Cloud Software Group
Fort Lauderdale, FL 33309 United States of America Corsec Security, Inc.
Fairfax, VA 22033 United States of America Phone: +1 954 267 3000 www.cloud.com Phone: +1 703 267 6050 www.corsec.com
November 25, 2025 Abstract This is a non-proprietary Cryptographic Module Security Policy for the NetScaler Virtual Appliance (version: 13.1.FIPS) from Cloud Software Group (Cloud Software Group). This Security Policy describes how the NetScaler Virtual Appliance meets the security requirements of Federal Information Processing Standards (FIPS) Publication 140-3, which details the U.S. and Canadian government requirements for cryptographic modules. More information about the FIPS 140-3 standard and validation program is available on the National Institute of Standards and Technology (NIST) and the Canadian Centre for Cyber Security (CCCS) Cryptographic Module Validation Program (CMVP) website at http://csrc.nist.gov/groups/STM/cmvp. This document also describes how to run the module in a secure FIPS-Approved mode of operation. This policy was prepared as part of the Level 1 FIPS 140-3 validation of the module. The NetScaler Virtual Appliance is referred to in this document as NetScaler VA or the module. References This document deals only with operations and capabilities of the module in the technical terms of a FIPS 140-3 cryptographic module security policy. More information is available on the module from the following sources:
November 25, 2025 Table of Contents 1. 1.1 1.2 2. 2.1 2.2 2.3 2.4 2.5 2.6 2.7 2.8 2.9 3. 3.1 4. 4.1 4.2 4.3 4.4 4.5 5. 5.1 5.2 6. 6.1 6.2 7. 8. 9. 9.1 9.2 9.3 9.4 NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
10.3 10.4 November 25, 2025 NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
November 25, 2025 List of Tables List of Figures NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
1. General 1.1 Overview November 25, 2025 NetScaler Virtual Appliance is a virtual application delivery controller (ADC) that accelerates application performance, enhances application availability with advanced L4-L7 1 load balancing, provides an integrated application firewall, and lowers server expenses by offloading computationally intensive tasks. All these capabilities are combined into a single, integrated virtual appliance. NetScaler Virtual Appliance is provides the web-based GUI2, REST3ful Nitro API4, and CLI5 interfaces for configuring and managing the appliance. The GUI includes a configuration utility for configuring the appliance as well as a statistical utility called Dashboard. NetScaler appliances are installed in a data center on-premises or in a public cloud (such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP)) between the clients and the servers, so that client requests and server responses pass through it. In a typical installation, virtual servers configured on the appliance provide connection points that clients use to access the applications behind the appliance. In this case, the appliance owns public IP6 addresses that are associated with its virtual servers, while the real servers are isolated in a private network. Administrators enable appliance features and apply configured policies to incoming and outgoing traffic. The NetScaler Virtual Appliance is feature set can be broadly categorized as consisting of switching features, security and protection features, and server-farm optimization features:
API
URL
NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
| Name | ISO Section | Requirement | Level |
|---|---|---|---|
| 1 | 1 | General | 1 |
| 2 | 2 | Cryptographic module specification | 1 |
| 3 | 3 | Cryptographic module interfaces | 1 |
| 4 | 4 | Roles, services, and authentication | 3 |
| 5 | 5 | Software/Firmware security | 1 |
| 6 | 6 | Operational environment | 1 |
| 7 | 7 | Physical security | N/A |
| 8 | 8 | Non-invasive security | N/A |
| 9 | 9 | Sensitive security parameter management | 1 |
| 10 | 10 | Self-tests | 1 |
| 11 | 11 | Life-cycle assurance | 1 |
| 12 | 12 | Mitigation of other attacks | N/A |
| Overall Level | Overall Level | 1 |
November 25, 2025 more. In addition, the firewall provides identity theft protection by securing confidential corporate information and sensitive customer data.
NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
November 25, 2025 2. Cryptographic Module Specification 2.1 Description
NetScaler Virtual Appliance is a virtual application delivery controller (ADC) that accelerates application performance, enhances application availability with advanced L4-L7 12 load balancing, provides an integrated application firewall, and lowers server expenses by offloading computationally intensive tasks. All these capabilities are combined into a single, integrated virtual appliance. NetScaler Virtual Appliance is provides the web-based GUI 13 , REST 14 ful Nitro API 15 , and CLI 16 interfaces for configuring and managing the appliance. The GUI includes a configuration utility for configuring the appliance as well as a statistical utility called Dashboard.
The NetScaler Virtual Appliance 13.1.FIPS is a Software module.
The NetScaler Virtual Appliance has a MultiChipStand embodiment.
The module does not have any additional characteristics.
The logical cryptographic boundary of the module (shown by the red dotted line in Figure 1) consists of the VPX virtual appliance software and FreeBSD operating system acting as the guest OS.
API
NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
KEY: November 25, 2025 Virtual Machine Virtual Machine Virtual Machine VA Software Other Application Other Application FreeBSD Guest OS Guest OS Logical Cryptographic Boundary Physical Cryptographic Boundary Data Input Data Output Control Output Control Input Status Output System Calls Hypervisor Platform Figure 1. NetScaler Virtual Appliance Cryptographic Boundary
(TOEPP) As a virtual appliance, the software module has no physical characteristics; however, the module makes use of the physical interfaces of the server hosting the virtual environment upon which the module is installed. The hypervisor controls and directs all interactions between the module and the operator and is responsible for mapping the module’s virtual interfaces to the host server’s physical interfaces. The physical boundary of the cryptographic module is defined by the hard enclosure around the host server on which it runs. For this validation, the module will be tested on the platforms listed in Section 2.2, and each platform consists of a motherboard, a multi-core Intel Xeon CPU, random access memory (RAM), a hardware case, a power supply, and interface ports. Figure 2 displays the hardware components of the server used for testing (the dashed line surrounding the hardware components represents the module’s physical cryptographic boundary, which is the outer case of the server), and identifies the hardware with which the processors interface. NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
Hardware Management November 25, 2025 DVD Network Interface RAM HDD Clock Generator SCSI/SATA Controller LEDs/LCD Serial CPU I/O Hub Audio Cache Power Interface PCI/PCIe Slots USB BIOS Graphics Controller PCI/PCIe Slots External Power Supply KEY: Plaintext Data Encrypted Data Control Input Status Output Physical Perimeter BIOS
This section does not apply to this module. N/A for this module.
(Executable Code Sets) The table below lists the executable code sets of the module. NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
| Name | Operating System | Hardware Platform | Firmware Version | Software Version | Processor | Paa Pai | Hypervisor | Features | Package | Integrity Test |
|---|---|---|---|---|---|---|---|---|---|---|
| ns-13.1-37.241.gz | 13.1.FIPS | Contains FreeBSD OS and Netscaler Virtual Appliance software in an image. | ns-13.1-37.241.gz | 2048-bit RSA with SHA2-512 | ||||||
| FreeBSD 11.4 | FreeBSD 11.4 | Dell PowerEdge R630 | 13.1.FIPS | Intel Xeon E5-2680 | Yes | VMWare ESXi 7.0U3 | ||||
| FreeBSD 11.4 | FreeBSD 11.4 | Dell PowerEdge R630 | 13.1.FIPS | Intel Xeon E5-2680 | No | VMWare ESXi 7.0U3 |
| Name | Operating System | Hardware Platform | Firmware Version | Software Version | Processor | Paa Pai | Hypervisor | Features | Package | Integrity Test |
|---|---|---|---|---|---|---|---|---|---|---|
| ns-13.1-37.241.gz | 13.1.FIPS | Contains FreeBSD OS and Netscaler Virtual Appliance software in an image. | ns-13.1-37.241.gz | 2048-bit RSA with SHA2-512 | ||||||
| FreeBSD 11.4 | FreeBSD 11.4 | Dell PowerEdge R630 | 13.1.FIPS | Intel Xeon E5-2680 | Yes | VMWare ESXi 7.0U3 | ||||
| FreeBSD 11.4 | FreeBSD 11.4 | Dell PowerEdge R630 | 13.1.FIPS | Intel Xeon E5-2680 | No | VMWare ESXi 7.0U3 |
November 25, 2025 Table 2: Tested Module Identification
The module does not have any hybrid disjoint hardware. N/A for this module.
Hybrid The module was tested and found to be compliant with FIPS 140-3 requirements on the environments listed in the table below. Table 3: Tested Operational Environments - Software, Firmware, Hybrid
Firmware, Hybrid There are no vendor-affirmed operational environments claimed. N/A for this module. 2.3 Excluded Components The module does not exclude any components from the requirements. 2.4 Modes of Operation
When installed, configured, and operated according to this Security Policy, the module supports the Approved mode of operation only; non-Approved operations are not supported. ©2025 Cloud Software Group
| Name | CAVP Cert | Reference |
|---|---|---|
| AES-CBC | A3942 | SP 800-38A |
| AES-CFB128 | A3942 | SP 800-38A |
| AES-CTR | A3942 | SP 800-38A |
| AES-GCM | A3942 | SP 800-38D |
| Counter DRBG | A3942 | SP 800-90A Rev. 1 |
| ECDSA KeyGen (FIPS186-4) | A3942 | FIPS 186-4 |
| ECDSA KeyVer (FIPS186-4) | A3942 | FIPS 186-4 |
| ECDSA SigGen (FIPS186-4) | A3942 | FIPS 186-4 |
| ECDSA SigVer (FIPS186-4) | A3942 | FIPS 186-4 |
| HMAC-SHA-1 | A3942 | FIPS 198-1 |
| HMAC-SHA2-256 | A3942 | FIPS 198-1 |
| HMAC-SHA2-384 | A3942 | FIPS 198-1 |
| HMAC-SHA2-512 | A3942 | FIPS 198-1 |
| KAS-ECC-SSC Sp800-56Ar3 | A3942 | SP 800-56A Rev. 3 |
| KAS-FFC-SSC Sp800-56Ar3 | A3942 | SP 800-56A Rev. 3 |
| KDF IKEv1 (CVL) | A3942 | SP 800-135 Rev. 1 |
| KDF IKEv2 (CVL) | A3942 | SP 800-135 Rev. 1 |
| KDF SNMP (CVL) | A3942 | SP 800-135 Rev. 1 |
| KDF SSH (CVL) | A3942 | SP 800-135 Rev. 1 |
| KDF TLS (CVL) | A3942 | SP 800-135 Rev. 1 |
| KTS-IFC | A3942 | SP 800-56B Rev. 2 |
| PBKDF | A3942 | SP 800-132 |
| RSA KeyGen (FIPS186-4) | A3942 | FIPS 186-4 |
| RSA SigGen (FIPS186-4) | A3942 | FIPS 186-4 |
| RSA SigVer (FIPS186-4) | A3942 | FIPS 186-4 |
| Safe Primes Key Generation | A3942 | SP 800-56A Rev. 3 |
| Safe Primes Key Verification | A3942 | SP 800-56A Rev. 3 |
| SHA-1 | A3942 | FIPS 180-4 |
| SHA2-256 | A3942 | FIPS 180-4 |
| SHA2-384 | A3942 | FIPS 180-4 |
| SHA2-512 | A3942 | FIPS 180-4 |
| TLS v1.2 KDF RFC7627 (CVL) | A3942 | SP 800-135 Rev. 1 |
| AES-CBC | A3943 | SP 800-38A |
| AES-GCM | A3943 | SP 800-38D |
| ECDSA KeyGen (FIPS186-4) | A3943 | FIPS 186-4 |
| ECDSA KeyVer (FIPS186-4) | A3943 | FIPS 186-4 |
| ECDSA SigGen (FIPS186-4) | A3943 | FIPS 186-4 |
| ECDSA SigVer (FIPS186-4) | A3943 | FIPS 186-4 |
| Hash DRBG | A3943 | SP 800-90A Rev. 1 |
| HMAC-SHA-1 | A3943 | FIPS 198-1 |
| HMAC-SHA2-224 | A3943 | FIPS 198-1 |
| HMAC-SHA2-256 | A3943 | FIPS 198-1 |
| HMAC-SHA2-384 | A3943 | FIPS 198-1 |
| HMAC-SHA2-512 | A3943 | FIPS 198-1 |
| KAS-ECC-SSC Sp800-56Ar3 | A3943 | SP 800-56A Rev. 3 |
| KDF SP800-108 | A3943 | SP 800-108 Rev. 1 |
| KDF TLS (CVL) | A3943 | SP 800-135 Rev. 1 |
| KTS-IFC | A3943 | SP 800-56B Rev. 2 |
| RSA SigGen (FIPS186-4) | A3943 | FIPS 186-4 |
| RSA SigVer (FIPS186-2) | A3943 | FIPS 186-4 |
| RSA SigVer (FIPS186-4) | A3943 | FIPS 186-4 |
| SHA-1 | A3943 | FIPS 180-4 |
| SHA2-224 | A3943 | FIPS 180-4 |
| SHA2-256 | A3943 | FIPS 180-4 |
| SHA2-384 | A3943 | FIPS 180-4 |
| SHA2-512 | A3943 | FIPS 180-4 |
| TLS v1.2 KDF RFC7627 (CVL) | A3943 | SP 800-135 Rev. 1 |
| TLS v1.3 KDF (CVL) | A3943 | SP 800-135 Rev. 1 |
| SHA3-256 | A3513 | FIPS 202 |
November 25, 2025 Table 4: Modes List and Description 2.5 Algorithms
The module includes the following cryptographic libraries that provide basic cryptographic functionalities and support secure networking protocols:
| Name | Properties | ||
|---|---|---|---|
| CKG (Control Plane - VA) | CKG:Symmetric | NetScaler Control Plane Cryptographic Library | NIST SP 800-133rev2, Section 4 |
| CKG (Data Plane - VA) | CKG:Symmetric | NetScaler Data Plane Cryptographic Library | NIST SP 800-133rev2, Section 4 |
| CKG (KEK - VA) | CKG:Combining keys and other data | NetScaler Control Plane Cryptographic Library | NIST SP 800-133rev2, Section 6.3 |
November 25, 2025 Table 6: Approved Algorithms - Data Plane CPU Jitter Entropy Source Table 7: Approved Algorithms - CPU Jitter Entropy Source
The vendor affirms the following cryptographic security methods: 6.3 Table 8: Vendor-Affirmed Algorithms
The module does not implement any non-approved algorithms allowed in the Approved mode of operation. NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
| Name | Description | Approved Functions | Type | Properties | |
|---|---|---|---|---|---|
| MD5 | Message digest in TLS 1.0/1.1 | N/A | |||
| AES for Disk Encryption | AES for KEK, which is used for encrypting/decrypting passwords and passphrases | AES-CBC: (A3942) Key Length: 256 Counter DRBG: (A3942) | BC-UnAuth | Publication:NIST SP 800- 38A | |
| AES for AES Key | AES for the AES Key, which is used for encryption/decryption | AES-CBC: (A3943) Hash DRBG: (A3943) SHA2-256: (A3943) | BC-UnAuth | Publication:NIST SP 800- 38A | |
| Key Derivation for TLS Extended Master Secret | Key derivation for the TLS Extended Master Secret, which are used to derive the ticket encryption key and the ticket authentication key | KDF TLS: (A3942, A3943) TLS v1.2 KDF RFC7627: (A3942, A3943) TLS v1.3 KDF: (A3943) SHA2-256: (A3942, A3943) SHA2-384: (A3942, A3943) | KAS-135KDF | Publication:NIST SP 800- 135rev1 | |
| AES for TLS Ticket | AES for the TLS Ticket Encryption Key, which is used for the encryption/decryption of TLS session tickets | AES-CBC: (A3943) Key Length: 128 Hash DRBG: (A3943) | BC-UnAuth | Publication:NIST SP 800- 38A | |
| HMAC for TLS Ticket | HMAC for the TLS Ticket Authentication Key, which is used for the authentication of TLS session tickets | HMAC-SHA2-256: (A3942, A3943) SHA2-256: (A3942, A3943) | MAC | Publication:FIPS 198-1 |
| Name | Description | Approved Functions | Type | Properties | |
|---|---|---|---|---|---|
| MD5 | Message digest in TLS 1.0/1.1 | N/A | |||
| AES for Disk Encryption | AES for KEK, which is used for encrypting/decrypting passwords and passphrases | AES-CBC: (A3942) Key Length: 256 Counter DRBG: (A3942) | BC-UnAuth | Publication:NIST SP 800- 38A | |
| AES for AES Key | AES for the AES Key, which is used for encryption/decryption | AES-CBC: (A3943) Hash DRBG: (A3943) SHA2-256: (A3943) | BC-UnAuth | Publication:NIST SP 800- 38A | |
| Key Derivation for TLS Extended Master Secret | Key derivation for the TLS Extended Master Secret, which are used to derive the ticket encryption key and the ticket authentication key | KDF TLS: (A3942, A3943) TLS v1.2 KDF RFC7627: (A3942, A3943) TLS v1.3 KDF: (A3943) SHA2-256: (A3942, A3943) SHA2-384: (A3942, A3943) | KAS-135KDF | Publication:NIST SP 800- 135rev1 | |
| AES for TLS Ticket | AES for the TLS Ticket Encryption Key, which is used for the encryption/decryption of TLS session tickets | AES-CBC: (A3943) Key Length: 128 Hash DRBG: (A3943) | BC-UnAuth | Publication:NIST SP 800- 38A | |
| HMAC for TLS Ticket | HMAC for the TLS Ticket Authentication Key, which is used for the authentication of TLS session tickets | HMAC-SHA2-256: (A3942, A3943) SHA2-256: (A3942, A3943) | MAC | Publication:FIPS 198-1 | |
| Key Generation for SSH | Asymmetric key generation (RSA or ECDSA) for the SSH private and public keys | ECDSA KeyGen (FIPS186-4): (A3942) RSA KeyGen (FIPS186- 4): (A3942) Counter DRBG: (A3942) CKG (Control Plane - VA): () CKG: Symmetric | AsymKeyPair-KeyGen | Publication:FIPS 186-4, FIPS 186-5 | |
| Key Agreement for SSH (DH) | Key agreement for SSH using DH | KDF SSH: (A3942) KAS-FFC-SSC Sp800- 56Ar3: (A3942) Domain parameter generation methods: MODP-2048, MODP- 4096, ffdhe2048, ffdhe4096 Counter DRBG: (A3942) Safe Primes Key Generation: (A3942) Safe prime groups: MODP-2048, MODP- 4096, ffdhe2048, ffdhe4096 Safe Primes Key Verification: (A3942) Safe prime groups: MODP-2048, MODP- 4096, ffdhe2048, ffdhe4096 SHA-1: (A3942) SHA2-256: (A3942) SHA2-384: (A3942) SHA2-512: (A3942) ECDSA SigGen (FIPS186- 4): (A3942) ECDSA SigVer (FIPS186- 4): (A3942) RSA SigGen (FIPS186-4): (A3942) RSA SigVer (FIPS186-4): (A3942) | KAS-135KDF | Publication:NIST SP 800- 135rev1, NIST SP 800- 56Arev3 Key Strength:Key establishment methodology provides between 112 and 176 bits of encryption strength Caveat:No part of the SSH protocol, other than the KDF, has been tested by the CAVP and CMVP | |
| Key Agreement for SSH (ECDH) | Key agreement for SSH utilizing ECDH | KDF SSH: (A3942) KAS-ECC-SSC Sp800- 56Ar3: (A3942, A3943) Counter DRBG: (A3942) ECDSA KeyGen (FIPS186-4): (A3942) ECDSA KeyVer (FIPS186- 4): (A3942) SHA-1: (A3942) SHA2-256: (A3942) SHA2-384: (A3942) SHA2-512: (A3942) RSA SigGen (FIPS186-4): (A3942) RSA SigVer (FIPS186-4): (A3942) ECDSA SigGen (FIPS186- 4): (A3943) ECDSA SigVer (FIPS186- 4): (A3942) AES-CBC: (A3942) AES-CTR: (A3942) | KAS-135KDF | Publication:NIST SP 800- 135rev1, NIST SP 800- 56Arev3 Key Strength:Key establishment methodology provides between 112 and 256 bits of encryption strength Caveat:No part of the SSH protocol, other than the KDF, has been tested by the CAVP and CMVP | |
| AES for SSH | AES (CTR or CBC modes) for the SSH Session Key, which is used for the encryption/decryption of SSH session packets | AES-CBC: (A3942) AES-CTR: (A3942) Counter DRBG: (A3942) | BC-UnAuth | Publication:NIST SP 800- 38A | |
| HMAC for SSH | HMAC for the SSH Authentication Key, which is used for the authentication of SSH session packets | HMAC-SHA-1: (A3942) SHA-1: (A3942) HMAC-SHA2-256: (A3942) SHA2-256: (A3942) HMAC-SHA2-384: (A3942) SHA2-384: (A3942) HMAC-SHA2-512: (A3942) SHA2-512: (A3942) | MAC | Publication:FIPS 198-1 Caveat:The module supports the truncation of HMAC SHA-1 to 96 bits according to NIST SP 800-107 Rev.1 | |
| Key Agreement for IKE/IPsec (DH) | Key Agreement for IKE/IPsec using DH | KDF IKEv1: (A3942) KDF IKEv2: (A3942) KAS-FFC-SSC Sp800- 56Ar3: (A3942) Domain parameter generation methods: MODP-2048, MODP- 3072, MODP-6144 Counter DRBG: (A3942) Safe Primes Key Generation: (A3942) Safe prime groups: MODP-2048, MODP- 3072, MODP-6144 Safe Primes Key Verification: (A3942) Safe prime groups: MODP-2048, MODP- 3072, MODP-6144 SHA-1: (A3942) SHA2-256: (A3942) SHA2-384: (A3942) SHA2-512: (A3942) | KAS-135KDF | Publication:NIST SP 800- 135rev1, NIST SP 800- 56Arev3 Key Strength:Key establishment methodology provides between 112 and 176 bits of encryption strength Caveat:No part of the IKE protocol, other than the KDF, has been tested by the CAVP and CMVP | |
| AES for IKE/IPsec | AES for the IKE/IPsecSession Key, which is used for the encryption/decryption of IKE/IPsec packets | AES-CBC: (A3942) | BC-UnAuth | Publication:NIST SP 800- 38A | |
| HMAC for IKE/IPsec | HMAC for the IKE/IPsec Authentication Key, which is used for the authentication of IKE/IPsec session packets | HMAC-SHA-1: (A3943) SHA-1: (A3943) HMAC-SHA2-224: (A3943) SHA2-224: (A3943) HMAC-SHA2-256: (A3943) SHA2-256: (A3943) HMAC-SHA2-384: (A3943) SHA2-384: (A3943) HMAC-SHA2-512: (A3943) SHA2-512: (A3943) | MAC | Publication:FIPS 198-1 Caveat:The module supports the truncation of HMAC SHA-1 to 96 bits according to NIST SP 800-107 Rev1 | |
| HMAC for HMAC key | HMAC for HMAC key used in message authentication | HMAC-SHA-1: (A3943) SHA-1: (A3943) HMAC-SHA2-224: (A3943) SHA2-224: (A3943) HMAC-SHA2-256: (A3943) SHA2-256: (A3943) HMAC-SHA2-384: (A3943) SHA2-384: (A3943) HMAC-SHA2-512: (A3943) SHA2-512: (A3943) | MAC | Publication:FIPS 198-1 Caveat:The module supports the truncation of HMAC SHA-1 to 96 bits according to NIST SP 800-107 Rev1 | |
| Key Agreement for TLS (DH) | Key Agreement for TLS using DH | KDF TLS: (A3942) TLS v1.2 KDF RFC7627: (A3942) KAS-FFC-SSC Sp800- 56Ar3: (A3942) Domain parameter generation methods: fdhe2048, ffdhe3072, ffdhe4096, ffdhe6144 Counter DRBG: (A3942) Safe Primes Key Generation: (A3942) Safe prime groups: ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144 Safe Primes Key Verification: (A3942) Safe prime groups: ffdhe2048, ffdhe3072, ffdhe4096, ffdhe6144 SHA2-256: (A3942) SHA2-384: (A3942) ECDSA SigGen (FIPS186- 4): (A3943) ECDSA SigVer (FIPS186- 4): (A3943) RSA SigGen (FIPS186-4): (A3942) RSA SigVer (FIPS186-4): (A3942) | KAS-135KDF | Publication:RFC 7627, NIST SP 800-135rev1, NIST SP 800-56Arev3 Key Strength:Key establishment methodology provides between 112 and 176 bits of encryption strength Caveats:No part of the TLS protocol, other than the KDF, has been tested by the CAVP and CMVP | |
| Key agreement for TLS (ECDH) | Key agreement for TLS using ECDH | KDF TLS: (A3942, A3943) TLS v1.2 KDF RFC7627: (A3942, A3943) KAS-ECC-SSC Sp800- 56Ar3: (A3942, A3943) Counter DRBG: (A3942) ECDSA KeyGen (FIPS186-4): (A3942, A3943) ECDSA KeyVer (FIPS186- 4): (A3942, A3943) SHA2-256: (A3942, A3943) SHA2-384: (A3942, A3943) ECDSA SigGen (FIPS186- 4): (A3942, A3943) ECDSA SigVer (FIPS186- 4): (A3942, A3943) RSA SigGen (FIPS186-4): (A3942, A3943) RSA SigVer (FIPS186-4): (A3942) RSA SigVer (FIPS186-2): (A3943) Hash DRBG: (A3943) | KAS-135KDF | Publication:RFC 7627, NIST SP 800-135rev1, NIST SP 800-56Arev3 Key strength:Key establishment methodology provides between 112 and 256 bits of encryption strength Caveat:No part of the TLS protocol, other than the KDF, has been tested by the CAVP and CMVP | |
| Key Transport for TLS | RSA key transport for TLS | KTS-IFC: (A3942, A3943) Counter DRBG: (A3942) Hash DRBG: (A3943) SHA-1: (A3942, A3943) RSA KeyGen (FIPS186- 4): (A3942) Modulus: 2048 RSA SigVer (FIPS186-4): (A3942) RSA SigVer (FIPS186-2): (A3943) | KTS-Encap | Publication:FIPS 186-4, FIPS 186-5, NIST SP 800- 56Brev2 Key Strength:Key establishment methodology provides 112 bits of encryption strength | |
| Key Generation for TLS | Key pair generation for TLS | RSA KeyGen (FIPS186- 4): (A3942) ECDSA KeyGen (FIPS186-4): (A3942, A3943) Counter DRBG: (A3942) Hash DRBG: (A3943) | AsymKeyPair-KeyGen | Publication:FIPS 186-4, FIPS 186-5 | |
| AES for TLS session | AES for the TLS Session Key, which is used for the encryption/decryption of TLS session packets | AES-CBC: (A3942, A3943) Key Length: 128, 256 Counter DRBG: (A3942) Hash DRBG: (A3943) | BC-UnAuth | Publication:NIST SP 800- 38A | |
| HMAC for TLS Session | HMAC for the TLS Authentication Key, which is used for the authentication of TLS session packets | HMAC-SHA-1: (A3942, A3943) SHA-1: (A3942, A3943) HMAC-SHA2-256: (A3942, A3943) SHA2-256: (A3942, A3943) HMAC-SHA2-384: (A3942, A3943) SHA2-384: (A3942, A3943) HMAC-SHA2-224: (A3943) SHA2-224: (A3943) | MAC | Publication:FIPS 198-1 Caveat:The module supports the truncation of HMAC SHA-1 to 96 bits according to NIST SP 800-107 Rev1 | |
| AES GCM for TLS Session | AES GCM for the TLS session key, which is used for the encryption/decryption of TLS session packets | AES-GCM: (A3942, A3943) Key Length: 128, 256 Counter DRBG: (A3942) Hash DRBG: (A3943) | BC-Auth | Publication:NIST SP 800- 38D IG:C.H | |
| RSA SigGen for DNSsec | RSA digital signature generation for DNSsec | RSA SigGen (FIPS186-4): (A3942) Counter DRBG: (A3942) SHA-1: (A3942) | DigSig-SigGen | Publication:FIPS 186-4, FIPS 186-5 | |
| RSA SigVer for DNSsec | RSA digital signature verification for DNSSec | RSA SigVer (FIPS186-4): (A3942) Counter DRBG: (A3942) | DigSig-SigVer | Publication:FIPS 186-4, FIPS 186-5 | |
| AES (PEM Key) for Encrypting TLS Private Key | AES for the PEM Key, which is used to encrypt the TLS Private Key | AES-CBC: (A3942) Key Length: 256 HMAC-SHA-1: (A3942) SHA-1: (A3942) | BC-UnAuth | Publication:NIST SP 800- 38A | |
| PBKDF | Password-based key derivation for PEM Key used for the encryption and decryption of asymmetric private keys | PBKDF: (A3942) SHA-1: (A3942) | PBKDF | Publication:NIST SP 800- 132 | |
| AES for RDP Session | AES-GCM for the RDP Session Key, which is used for the encryption /decryption of RDP user and target information | AES-GCM: (A3942) Key Length: 256 Counter DRBG: (A3942) KDF SP800-108: (A3943) HMAC-SHA2-224: (A3943) SHA2-256: (A3943) | BC-Auth | Publication:NIST SP 800- 38D | |
| KBKDF for DFA Shared Secret | Key-based key derivation for DFA Shared Secret | KDF SP800-108: (A3943) HMAC-SHA2-256: (A3943) SHA2-256: (A3943) | KBKDF | Pubication:NIST SP 800- 108rev1 | |
| AES for DFA Session Key | AES for the DFA Session Key, which is used for DFA authentication to the module | AES-CBC: (A3943) Key Length: 256 KDF SP800-108: (A3943) HMAC-SHA2-256: (A3943) SHA2-256: (A3943) | BC-UnAuth | Publication:NIST SP 800- 38A | |
| AES for SNMPv3 | AES (SNMPv3 Privacy Key) for the encryption and decryption of SNMPv3 packets | AES-CFB128: (A3942) Key Length: 128 KDF SNMP: (A3942) Counter DRBG: (A3942) | BC-UnAuth | Publication:NIST SP 800- 38A | |
| HMAC for SNMPv3 | HMAC (SNMPv3 Authentication Key) for the authentication of SNMPv3 packets | HMAC-SHA-1: (A3942) KDF SNMP: (A3942) SHA-1: (A3942) | MAC | Publication:FIPS 198-1 Caveat:The module supports the truncation of HMAC SHA-1 to 96 bits according to NIST SP 800-107 Rev1 | |
| RSA SigVer for Software Load Integrity | RSA SigVer used to verify the new software load | RSA SigVer (FIPS186-2): (A3943) Signature Type: pkcs1v1.5 Modulus: 2048 SHA2-512: (A3943) | DigSig-SigVer | Publication:FIPS 186-4, FIPS 186-5 | |
| RSA SigVer for Web GUI | RSA SigVer for authentication via the Web GUI | RSA SigVer (FIPS186-4): (A3943) SHA2-256: (A3943) SHA2-384: (A3943) SHA2-512: (A3943) | DigSig-SigVer | Publication:FIPS 186-4, FIPS 186-5 | |
| Entropy Source | CPU Jitter Entropy Source with SHA3 conditioning component | SHA3-256: (A3513) | ENT-Cond | Publication:NIST SP 800- 90B |
November 25, 2025 N/A for this module.
The table below lists the non-Approved algorithms implemented by the module that are allowed for use in the Approved mode of operation with no security claimed. N/A Table 9: Non-Approved, Allowed Algorithms with No Security Claimed
The module does not include any non-Approved algorithms not allowed in the Approved mode of operation. N/A for this module. 2.6 Security Function Implementations The table below lists the security function implementations for this module. NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
November 25, 2025 NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
November 25, 2025 NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
November 25, 2025 NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
November 25, 2025 NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
November 25, 2025 NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
November 25, 2025 Table 10: Security Function Implementations 2.7 Algorithm Specific Information
| Name | Type | Strength | Operational Environment | Conditioning Component | |
|---|---|---|---|---|---|
| NetScaler CPU Jitter Entropy Source | Non- Physical | 256 bits | FreeBSD 11.4 on VMware ESXi 7 on Intel® Xeon® E5 v4 (Broadwell) Family without PAA | Full entropy | SHA3-256 (A3513) |
| Cert | Vendor Name | |
|---|---|---|
| Number | ||
| E52 | Cloud Software Group |
2.9 November 25, 2025 Key Generation When generating symmetric keys, the module uses the direct output of its approved DRBG to generate random numbers and seeding material, per the guidance in NIST SP 800-133 Rev. 2, Section 4. When generating the Key Encryption Key (KEK), the module follows the method “Symmetric Keys Produced by Combining (Multiple) Keys and Other Data” described in NIST SP 800-133 Rev. 2, Section 6.3. 2.10 Key Establishment
The module implements the following approved key agreement methods: KAS-ECC-SSC
The module implements the following key transport method: KTS-IFC
| Name | Physical Port | Logical Interface | Data That Passes |
|---|---|---|---|
| N/A | N/A | Data Input | Data to be encrypted, decrypted, signed, verified, or hashed; Keys to be used in cryptographic services; Random seed material for the module's DRBG; Keying material to be used as input to key establishment services |
| N/A | N/A | Data Output | Data that has been encrypted, decrypted, or verified; Digital signatures; Hashes; Random values generated by the module's DRBG; Keys established using module's key establishment methods |
| N/A | N/A | Control Input | API commands invoking cryptographic services; Modes, key sizes, etc. used with cryptographic services |
| N/A | N/A | Control Output | Control information is sent to remote machines supporting LDAP and RADIUS in order for the module to communicate with these machines. |
| N/A | N/A | Status Output | Includes status information regarding the module and status information regarding the invoked service/operation. |
November 25, 2025 3. 3.1 Ports and Interfaces The module supports the following logical interfaces:
| Name | Description | Strength | Security Mechanism | |
|---|---|---|---|---|
| Password | Password complexity policies must be configured by the Crypto Officer to include the following: a minimum of eight total characters, at least one lowercase letter, at least one uppercase letter, at least one digit, at least one special character (~, `, !, @, #, $, %, ^, &, *, -, _, =, +, {, }, [, ], |, \, :, <, >, /, ., ,, " "). | 1/11451713827320 | Username / Password | 1/4591650 |
| Certificate | The module supports RSA digital certificate authentication of users during Web GUI/HTTPS (TLS) access. | 1 per 2^122, 1 per 5.19 * 10^33 | Placeholder for SFI entry | 1/77 * 10^26 |
November 25, 2025 4. Roles, Services, and Authentication 4.1 Authentication Methods The module supports identity-based authentication; operators explicitly assume their role based on the authentication credentials used. Each role determines the functionality available to the operator within the Operators authenticate to the module using either:
| Name | Description | Role Access | Csps Accessed | Approved Functions | Indicator | Type | Input | Output | |
|---|---|---|---|---|---|---|---|---|---|
| Crypto Officer | CO | Identity | Password Certificate | ||||||
| User | User | Identity | Password Certificate | ||||||
| Show status | Show the system status | Crypto Officer | None | N/A | Command | Status output | |||
| Perform self-tests on demand | Perform pre-operational self-tests | Crypto Officer | None | Log file | Command | Status output | |||
| Perform initial network configuration | Set up initial network configuration and licenses | Crypto Officer - KEK Fragment 1: R - KEK Fragment 2: R | CKG (KEK) | Success from CLI | Command and parameters | Command response/status output | |||
| Show versioning information | Show module name and version | Crypto Officer | None | Console Output | Command | Module name, version |
| Name | Description | Role Access | Csps Accessed | Approved Functions | Indicator | Type | Input | Output | |
|---|---|---|---|---|---|---|---|---|---|
| Crypto Officer | CO | Identity | Password Certificate | ||||||
| User | User | Identity | Password Certificate | ||||||
| Show status | Show the system status | Crypto Officer | None | N/A | Command | Status output | |||
| Perform self-tests on demand | Perform pre-operational self-tests | Crypto Officer | None | Log file | Command | Status output | |||
| Perform initial network configuration | Set up initial network configuration and licenses | Crypto Officer - KEK Fragment 1: R - KEK Fragment 2: R | CKG (KEK) | Success from CLI | Command and parameters | Command response/status output | |||
| Show versioning information | Show module name and version | Crypto Officer | None | Console Output | Command | Module name, version | |||
| View system information | View system info and statistics; view/end system sessions | Crypto Officer | None | Console Output | Command | Status output | |||
| Configure system settings | Configure modes and features, system settings, and cloud parameters | Crypto Officer - AES Key: W - KEK (AES Key): E - Hash DRBG Entropy: R,E - Hash DRBG Seed: R,W,E - Hash DRBG 'V' Value (Internal state value): R,W,E - Hash DRBG 'C' Value (Internal state value): R,W,E | AES for Disk Encryption AES for AES Key | Command Line Interface | Command and parameters | Command response/status output | |||
| Configure HA | Configure HA nodes, route monitors, failover interface set | Crypto Officer | None | Command Line Interface and Traffic | Command and parameters | Status output/control output | |||
| Manage NTP servers | Add, edit, delete NTP servers; configure NTP parameters and synchronization state | Crypto Officer | None | Command Line Interface | Command | Status output / control output |
4.2 November 25, 2025 Roles The module supports a Crypto Officer (CO) that authorized operators can assume. The CO role performs administrative services on the module, such as initialization, configuration, and monitoring of the module. The CO role includes the privileges listed under the read-only, operator, network, and sysadmin command policies. The module also supports the following role(s):
NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
November 25, 2025 R,W,E R,W,E NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
| Zeroize | Procedural Zeroization: Operator initiated reboot/power-cycle of Module/TOEPP | N/A | Command | Status output | None | Crypto Officer - PEM Passphrase (Alphanumeric string): Z - PEM Key (AES Key): Z - AES Key: Z - AES GCM Key: Z - AES GCM IV (96 and 128-bit IV): Z - DH Public Key: Z - DH Private Key: Z - ECDH Public Key : Z - ECDH Private Key : Z - HMAC Key: Z - RDP PSK (Shared secret): Z - RSA Public Key: Z - RSA Private Key : Z - SSH Shared Secret: Z - SSH Session Key: Z - SSH Authentication Key: Z - IKE/IPsec Shared Secret: Z - IKE/IPsec Session Key (AES key): Z - IKE/IPsec Authentication Key (HMAC key): Z - TLS Pre-Master Secret: Z - TLS Extended Master Secret: Z - TLS Session Key: Z - TLS Authentication Key (HMAC Key): Z - TLS Ticket Encryption Key (AES key): Z - TLS Ticket Authentication Key (HMAC key): Z - Hash DRBG Entropy: Z |
|---|
N/A November 25, 2025 Z :Z Z :Z Z Z Z Z Z NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
| Name | Description | Csps Accessed | Approved Functions | Indicator | Input | Output |
|---|---|---|---|---|---|---|
| Configure TLS profiles | Add, edit, delete system profiles | Crypto Officer - TLS Extended Master Secret: R,W,E - TLS Ticket Encryption Key (AES key): R,W - TLS Ticket Authentication Key (HMAC key): R,W - CTR DRBG Entropy: R,E - CTR DRBG Seed: R,W,E - CTR DRBG 'V' Value: R,W,E - CTR DRBG 'Key' Value (AES key): R,W,E - KEK (AES Key): E | AES for Disk Encryption Key Derivation for TLS Extended Master Secret AES for TLS Ticket | Command Line Interface | Command and parameters | Command response / status output |
| Manage users | Add, edit delete users, groups, and command policies; view user/group partition bindings | Crypto Officer | None | Command Line Interface | Command | Status output |
| Configure system auditing | Add, edit, delete syslog/nslog auditing policies and servers; bind classic/advanced global policies | Crypto Officer | None | Command Line Interface | Command and parameters | Command response / status output / control output |
| View audit logs | View authentication, system, and event logs | Crypto Officer | None | N/A (Audit Logs) | Command | Status output |
| Configure network settings | Configure network routing protocols | Crypto Officer - ZebOS Router Password (Alphanumeric string): R,W - KEK (AES Key): E | AES for Disk Encryption | Command Line Interface | Command Line Interface | Command response / status output |
| Exchange routing information | Exchange routing update information using ZebOS, authenticate source of packets | Crypto Officer - ZebOS Router Password (Alphanumeric string): E - KEK (AES Key): E | AES for Disk Encryption | Show Command O/P and Traffic | Command | Status output |
| Configure SSH | Configure SSH authentication settings; generate SSH keys | Crypto Officer - SSH Private Key: W,E - SSH Public Key: W - CTR DRBG Entropy: R,E - CTR DRBG Seed: R,W,E - CTR DRBG 'V' Value: R,W,E - CTR DRBG 'Key' Value (AES key): R,W,E | Key Generation for SSH | Command Line Interface | Command and parameters | Command response / status output |
| Establish SSH sessions | Establish an SSH session | Crypto Officer - SSH Public Key: R,E - DH Private Key: W,E - DH Public Key: R,E - ECDH Private Key : W,E - ECDH Public Key : R,E - SSH Shared Secret: W,E - SSH Session Key: W,E - SSH Authentication Key: W,E - CTR DRBG Entropy: R,E - CTR DRBG Seed: R,W,E - CTR DRBG 'V' Value: R,W,E - CTR DRBG 'Key' Value (AES key): R,W,E | Key Agreement for SSH (DH) Key Agreement for SSH (ECDH) AES for SSH HMAC for SSH Entropy Source CKG (Control Plane) CKG (Data Plane) | Traffic | Command | Status output |
| Configure IPsec | Configure IPsec profile; configure CloudBridge Connector settings, network bridges, and IP tunnels; view IP tunnel details | Crypto Officer - IKE/IPsec Pre- shared key (PSK): R,W - KEK (AES Key): E | AES for Disk Encryption | Command Line Interface | Command and parameters | Command response / status output |
| Configure clustering | Configure an appliance to either be the cluster coordinator or a node in the cluster | Crypto Officer - Cluster Password (Alphanumeric string): R,W | None | Command Line Interface | Command and parameters | Command response / status output / control output |
| Establish IPsec session | Establish an IPsec Session | Crypto Officer - DH Private Key: W,E - DH Public Key: R,E - IKE/IPsec Shared Secret: W,E - IKE/IPsec Pre- shared key (PSK): E - KEK (AES Key): E - IKE/IPsec Session Key (AES key): W,E - IKE/IPsec Authentication Key (HMAC key): W,E - CTR DRBG Entropy: R,E - CTR DRBG Seed: R,W,E - CTR DRBG 'V' Value: R,W,E - CTR DRBG 'Key' Value (AES key): R,W,E | AES for Disk Encryption Key Agreement for IKE/IPsec (DH) AES for IKE/IPsec HMAC for IKE/IPsec Entropy Source CKG (Control Plane) CKG (Data Plane) | Traffic | Command | Status output |
| Backup and restore | Backup/import system configuration files; download and delete backup files; restore | Crypto Officer | None | N/A | Command | Status output / control output |
| Manage data policy encryption keys | Add, edit, delete encryption keys | Crypto Officer - AES Key: R,W - KEK (AES Key): E - Hash DRBG Entropy: R,E - Hash DRBG Seed: R,W,E - Hash DRBG 'V' Value (Internal state value): R,W,E - Hash DRBG 'C' Value (Internal state value): R,W,E | AES for Disk Encryption AES for AES Key | Command Line Interface | Command | Status output |
| Manage data policy HMAC keys | Add, edit, delete HMAC keys | Crypto Officer - AES Key: R,W - KEK (AES Key): E - Hash DRBG Entropy: R,E - Hash DRBG Seed: R,W,E - Hash DRBG 'V' Value (Internal state value): R,W,E - Hash DRBG 'C' Value (Internal state value): R,W,E | AES for Disk Encryption HMAC for HMAC key | Command Line Interface | Command | Status output |
| Configure traffic management | Configure TLS; Configure load balancing, priority load balancing, content switching | Crypto Officer - CA Public Key: R,W,E - TLS Private Key: R,W,E - TLS Public Key: R,W - Private DNS KSK (RSA private key): R,W,E - Public DNS KSK (RSA public key): R,W - Private DNS ZSK (RSA private key): R,W,E - Public DNS ZSK (RSA public key): R,W - SSH Private Key: R,W,E - SSH Public Key: R,W,E - PEM Passphrase (Alphanumeric string): R,W,E - PEM Key (AES Key): W,E - CTR DRBG Entropy: R,E - CTR DRBG Seed: R,W,E - CTR DRBG 'V' Value: R,W,E - CTR DRBG 'Key' Value (AES key): R,W,E - Hash DRBG Entropy: R,E - Hash DRBG Seed: R,W,E - Hash DRBG 'V' Value (Internal state value): R,W,E - Hash DRBG 'C' Value (Internal state value): R,W,E - KEK (AES Key): E | Key Transport for TLS Key Generation for TLS RSA SigGen for DNSsec RSA SigVer for DNSsec AES (PEM Key) for Encrypting TLS Private Key PBKDF | Command Line Interface | Command and parameters | Command response / status output |
November 25, 2025 Z Z R,W,E R,W R,W,E R,W,E NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
November 25, 2025 W,E W R,W,E R,W,E R,E W,E R,E : R,E W,E R,W,E R,W,E NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
November 25, 2025 N/A R,W W,E R,E W,E E W,E R,W,E R,W,E NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
November 25, 2025 R,W,E R,W,E R,W,E R,W,E NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
November 25, 2025 R,W,E R,W,E R,W R,W,E R,W R,W,E R,W R,W,E R,W,E R,W,E R,W,E R,W,E R,W,E NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
| Establish TLS session | Establish a web session using TLS protocol | Traffic | Command | Status output | Key Agreement for TLS (DH) Key agreement for TLS (ECDH) AES for TLS session HMAC for TLS Session AES GCM for TLS Session AES (PEM Key) for Encrypting TLS Private Key Entropy Source CKG (Control Plane) CKG (Data Plane) | Crypto Officer - TLS Public Key: R,E - DH Private Key: W,E - DH Public Key: R,E - ECDH Private Key : W,E - ECDH Public Key : R,E - RSA Private Key : W,E - RSA Public Key: R,E - TLS Pre-Master Secret: R,W,E - TLS Extended Master Secret: W,E - TLS Session Key: W,E - TLS Authentication Key (HMAC Key): W,E - AES GCM IV (96 and 128-bit IV): W,E - AES GCM Key: W,E - PEM Passphrase (Alphanumeric string): R,E - PEM Key (AES Key): W,E - KEK (AES Key): E - CTR DRBG Entropy: R,E - CTR DRBG Seed: R,W,E - CTR DRBG 'V' Value: R,W,E - CTR DRBG 'Key' Value (AES key): R,W,E - Hash DRBG Entropy: R,E - Hash DRBG Seed: R,W,E - Hash DRBG 'V' Value (Internal state value): R,W,E - Hash DRBG 'C' Value (Internal state value): R,W,E |
|---|
November 25, 2025 R,E W,E R,E : R,E : W,E R,E W,E W,E W,E W,E W,E R,W,E R,W,E R,W,E R,W,E NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
| Name | Description | Csps Accessed | Approved Functions | Indicator | Input | Output |
|---|---|---|---|---|---|---|
| Resume TLS session | Resume a web session using TLS protocol | Crypto Officer - TLS Ticket Encryption Key (AES key): R,W,E - TLS Ticket Authentication Key (HMAC key): R,W,E - TLS Session Key: R,E - TLS Authentication Key (HMAC Key): R,E - AES GCM IV (96 and 128-bit IV): W,E - AES GCM Key: W,E - KEK (AES Key): E - Hash DRBG Entropy: R,E - Hash DRBG Seed: R,W,E - Hash DRBG 'V' Value (Internal state value): R,W,E - Hash DRBG 'C' Value (Internal state value): R,W,E | AES for Disk Encryption AES for TLS Ticket HMAC for TLS Ticket AES for TLS session HMAC for TLS Session AES GCM for TLS Session | Traffic | Command | Status output |
| Apply data policies | Apply data policies to user data in transit (according to configuration) | Crypto Officer - AES Key: E - HMAC Key: E - KEK (AES Key): E | AES for Disk Encryption AES for AES Key HMAC for HMAC key | Traffic | Command | Status output |
| Configure security | Configure DNS security profiles, application firewall profiles and policies, reputation settings, protection features, and content inspection policies | Crypto Officer | None | Command Line Interface | Command and parameters | Command response / status output |
| Configure Gateway | Configure Gateway global settings, virtual servers, portal themes, AAA groups and users, policies, and resources | Crypto Officer - RDP PSK (Shared secret): W - KEK (AES Key): E | AES for Disk Encryption | Command Line Interface | Command and parameters | Command response / status output |
| Establish Gateway connection | Establish Gateway connection based on global settings | Crypto Officer - RDP PSK (Shared secret): R,E - RDP Session Key: R,E - KEK (AES Key): E | AES for RDP Session | Traffic | Command and parameters | Command response / status output / control output |
| Configure external servers for system, AAA, and Gateway authentication | Configure LDAP , Oauth, OpenID, DFA , and SAML servers to be used in system, AAA, or Gateway authentication | Crypto Officer - LDAP Admin Password (Alphanumeric string): R,W - Oauth Client Secret (Shared secret): R,W - DFA Shared Secret: R,W - KEK (AES Key): E - DFA Session Key: R,W,E | KBKDF for DFA Shared Secret AES for DFA Session Key | Command Line Interface | Command and parameters | Command response / status output |
November 25, 2025 R,W,E R,E R,E W,E W,E R,W,E R,W,E NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
November 25, 2025 NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
| RADIUS Over TLS | Establish a TLS session with radius server | Traffic | Command | Status output | Key Agreement for TLS (DH) Key agreement for TLS (ECDH) AES for TLS session HMAC for TLS Session AES GCM for TLS Session AES (PEM Key) for Encrypting TLS Private Key Entropy Source CKG (Control Plane) CKG (Data Plane) | Crypto Officer - TLS Public Key: R,E - DH Private Key: W,E - DH Public Key: R,E - ECDH Private Key : W,E - ECDH Public Key : R,E - RSA Private Key : W,E - RSA Public Key: R,E - TLS Pre-Master Secret: R,W,E - TLS Extended Master Secret: W,E - TLS Session Key: W,E - TLS Authentication Key (HMAC Key): W,E - AES GCM IV (96 and 128-bit IV): W,E - AES GCM Key: W,E - PEM Passphrase (Alphanumeric string): R,E - PEM Key (AES Key): W,E - KEK (AES Key): E - CTR DRBG Entropy: R,E - CTR DRBG Seed: R,W,E - CTR DRBG 'V' Value: R,W,E - CTR DRBG 'Key' Value (AES key): R,W,E - Hash DRBG Entropy: R,E - Hash DRBG Seed: R,W,E - Hash DRBG 'V' Value (Internal state value): R,W,E - Hash DRBG 'C' Value (Internal state value): R,W,E |
|---|
November 25, 2025 R,E W,E R,E : R,E : W,E R,E W,E W,E W,E W,E W,E R,W,E R,W,E R,W,E R,W,E NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
| Name | Description | Csps Accessed | Approved Functions | Indicator | Input | Output |
|---|---|---|---|---|---|---|
| Configure SNMPv3 | Configure SNMP communities, traps, managers, views, groups, users, alarms, and engine ID ; view SNMP OIDs | Crypto Officer - SNMPv3 Authentication Passphrase (Alphanumeric string): R,W - SNMPv3 Privacy Passphrase (Alphanumeric string): R,W - KEK (AES Key): E | AES for Disk Encryption | Command Line Interface | Command and parameters | Command response / status output |
| SNMPv3 traps | Provides system condition information | Crypto Officer - SNMPv3 Authentication Passphrase (Alphanumeric string): E - SNMPv3 Privacy Passphrase (Alphanumeric string): E - SNMPv3 Privacy Key (AES key): W,E - SNMPv3 Authentication Key (HMAC key): W,E | AES for SNMPv3 HMAC for SNMPv3 | Log files | None | Status output / control output |
| Zeroize KEK | Zeroize KEK | Crypto Officer - KEK (AES Key): W | None | API return value | Command | Status output |
| Zeroize SSH private keys | Zeroize SSH private keys | Crypto Officer - SSH Private Key: W | None | API return value | Command | Status output |
| Authenticate operators | Used for operator logins to the module | Crypto Officer - Operator Password (Alphanumeric string): E User - Operator Password (Alphanumeric string): E | RSA SigVer for Web GUI | Traffic | Command | Status output |
| Software load | Update the module's software to a new version | Crypto Officer - Software Load Integrity Key (RSA public key): R | RSA SigVer for Software Load Integrity | Log files | Command | Status output |
November 25, 2025 W,E W,E W W Table 16: Approved Services 4.4 Non-Approved Services The module does not provide any non-Approved services. NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
November 25, 2025 N/A for this module. 4.5 External Software/Firmware Loaded The module does not support the loading of external software or firmware. NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
5. Software/Firmware Security 5.1 Integrity Techniques November 25, 2025 All software within the cryptographic boundary is verified using an approved integrity technique implemented within the cryptographic module itself. The module implements a 2048-bit RSA digital signature verification with a SHA-512 hash to ensure the integrity of its software components. The module’s pre-operational integrity check is performed automatically at module power-up. 5.2 Initiate on Demand This integrity check can also be performed on demand by the module operator by performing a reboot. NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
6. Operational Environment 6.1 Operational Environment Type and Requirements November 25, 2025 The NetScaler Virtual Appliance comprises a software cryptographic library that executes in a Modifiable operational environment. 6.2 Configuration Settings and Restrictions NetScaler Virtual Appliance runs on the FreeBSD v11.4 OS, which acts as the guest OS son top of the virtualization layer. The virtualization layer is provided by VMware’s ESXi hypervisor v7.0. The VMware hypervisor runs directly on the server’s hardware, with no need for an underlying operating system. Only the module’s signed image can be executed, and all software upgrades are digitally signed. All services provided by the module are provided by the module’s software and external interfaces. The module’s processor executes the software on the tested configurations specified in section 2.2.4 of this document. NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
7. November 25, 2025 Physical Security The cryptographic module is a multi-chip standalone software module and does not include physical security mechanisms. Therefore, per section G.3 of the Implementation Guidance for FIPS PUB 140-3 and the CMVP, this section is not applicable. NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
8. November 25, 2025 Non-Invasive Security This section is not applicable. There are currently no approved non-invasive mitigation techniques references in Annex F of ISO/IEC 19790. NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
| Name | Type | Description |
|---|---|---|
| On Disk | Static | SSPs are stored on disk |
| Non-volatile Memory | Static | SSPs are stored in non-volatile memory |
| Volatile Memory | Dynamic | SSPs are stored in volatile memory |
| Name | Approved Functions | Type | From | To | ||
|---|---|---|---|---|---|---|
| Exported in encrypted form via part of config backup file | Encrypted | On Disk | External | Automated | Electronic | |
| Exported in plaintext | Plaintext | placeholder | placeholder | Automated | Electronic | |
| Imported in encrypted form via TLS or SSH session | Encrypted | External | On Disk | Automated | Electronic | |
| Imported in plaintext via local console | Encrypted | External | On Disk | Automated | Electronic | |
| Imported in encrypted form via RSA key transport | Key Transport for TLS | Encrypted | External | Volatile Memory | Automated | Electronic |
| Zeroization Method | Description | Rationale | Operator Initiation | ||||
|---|---|---|---|---|---|---|---|
| CLI command | The zeroization method is conducted via CLI command | The CLI command overwrites the storage location keys with 0's, making them irretrievable | Crypto Officer by command |
November 25, 2025 9. Sensitive Security Parameters Management 9.1 Storage Areas The table below lists sensitive security parameters (SSPs) storage areas for this module. Section 9.4 below selects from the storage areas listed and specifies the appropriate storage area in the “Storage” column if applicable to a specific SSP. Table 17: Storage Areas 9.2 SSP Input-Output Methods The table below lists SSP input and output methods for this module. Section 9.4 below selects from the input and output methods listed and specifies the appropriate method in the “Inputs/Outputs” column if applicable to a specific SSP. Table 18: SSP Input-Output Methods 9.3 SSP Zeroization Methods The table below lists SSP zeroization methods for this module. Section 9.4 below selects from the zeroization methods listed and specifies the appropriate method in the “Zeroization” column if applicable to a specific SSP. NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
| Name | Type | Description | Strength | Generation | Use | |
|---|---|---|---|---|---|---|
| KEK Fragment 1 | Keying material - Neither | Hashed in combination with KEK Fragment 2 to derive KEK | N/A - N/A | CKG (Control Plane) | AES for Disk Encryption | |
| KEK Fragment 2 | Keying material - Neither | Hashed in combination with KEK Fragment 1 to derive KEK | N/A - N/A | CKG (Control Plane) | AES for Disk Encryption | |
| KEK (AES Key) | Symmetric Key - CSP | Encryption and decryption of passwords and passphrases | 256 bits - 256 bits | CKG (KEK) | AES for Disk Encryption | |
| PEM Key (AES Key) | Symmetric Key - CSP | Encryption and decryption of asymmetric private keys | 256 bits - 256 bits | PBKDF | ||
| AES Key | Symmetric Key - CSP | Encryption and decryption | Between 128 and 256 bits - Between 128 and 256 bits | CKG (Data Plane) | AES for AES Key | |
| AES GCM Key | Symmetric Key - CSP | Encryption and decryption | 256 bits - 256 bits | CKG (Data Plane) | ||
| HMAC Key | Authentication - CSP | Message authentication with SHS | Between 160 and 512 bits - Between 128 and 256 bits | CKG (Data Plane) | HMAC for HMAC key |
| Zeroization Method | Description | Rationale | Operator Initiation | ||||
|---|---|---|---|---|---|---|---|
| Completion of TLS Session Key and TLS Authentication Key derivation | Zeroization upon the completion of a TLS Session Key and TLS Authentication Key derivation | Keys are automatically zeroized upon completion of TLS key derivation and are irretrievable | Crypto Officer or User by TLS session termination | ||||
| Reboot | Zeroization when module is rebooted | Keys are procedurally zeroized by rebooting the host platform, which is acceptable at Software level 1 | Crypto Officer by rebooting the host system | ||||
| Remove power | Zeroization when power is removed from the module | Keys are procedurally zeroized by removing the power of the host platform, which is acceptable at Software level 1 | Crypto Officer by removing power | ||||
| Session termination | Zeroization when the session is terminated | Keys are automatically zeroized upon session termination and are irretrievable | Crypto Officer or User by session termination | ||||
| NetScaler VA Detection | SSPs are not zeroized. NetScaler VA detects any modification. | NetScaler VA detects modification of Public Security Parameters for listed entry. | N/A | ||||
| Zeroisation of KEK | The KEK is zeroised | Zeroization of the KEK renders SSP permanently unrecoverable | Crypto Officer reboots or removes the power |
November 25, 2025 N/A Table 19: SSP Zeroization Methods 9.4 The module supports the keys and other SSPs listed in the table below. Note that all SSP imports and exports are electronic and performed within the Tested OE’s Physical Parameter (TOEPP). N/A - N/A N/A - N/A NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
| Name | Type | Description | Strength | Generation | Use |
|---|---|---|---|---|---|
| CA Public Key | Public/Private - PSP | TLS certificate authentication | RSA: Between 2048 and 3072 bits, ECDSA: Between 224 and 512 bits - RSA: Between 112 and 128 bits, ECDSA: Between 112 and 256 bits | ||
| DH Private Key | Public/Private - CSP | Generation of SSH, TLS, and IKE shared secrets | SSH: Between 2048 and 6144 bits, TLS: Between 2048 and 4096 bits, IKE: 2048 bits - SSH: Between 112 and 176 bits, TLS: Between 112 and 150 bits, IKE: 112 bits | CKG (Data Plane) | Key Agreement for SSH (DH) Key Agreement for IKE/IPsec (DH) Key Agreement for TLS (DH) |
| DH Public Key | Public/Private - PSP | Generation of SSH, TLS, and IKE shared secrets | SSH: Between 2048 and 6144 bits, TLS: Between 2048 and 4096 bits, IKE: 2048 bits - SSH: Between 112 and 176 bits, TLS: Between 112 and 150 bits, IKE: 112 bits | CKG (Data Plane) | Key Agreement for SSH (DH) Key Agreement for IKE/IPsec (DH) Key Agreement for TLS (DH) |
| ECDH Private Key | Public/Private - CSP | Generation of SSH and TLS shared secrets | Between 224 and 512 bits - Between 112 and 256 bits | CKG (Control Plane) CKG (Data Plane) | Key Agreement for SSH (ECDH) Key agreement for TLS (ECDH) |
| ECDH Public Key | Public/Private - PSP | Generation of SSH and TLS shared secrets | Between 224 and 512 bits - Between 112 and 256 bits | CKG (Control Plane) CKG (Data Plane) | Key Agreement for SSH (ECDH) Key agreement for TLS (ECDH) |
| RSA Private Key | Public/Private - CSP | Generation of TLS shared secrets | 2048 or 3072 bits - 112 or 128 bits | CKG (Control Plane) | Key Agreement for TLS (DH) Key agreement for TLS (ECDH) |
| RSA Public Key | Public/Private - PSP | Generation of TLS shared secrets | 2048 or 3072 bits - 112 or 128 bits | CKG (Control Plane) | Key Agreement for TLS (DH) Key agreement for TLS (ECDH) |
| SSH Private Key | Public/Private - CSP | Authentication during SSH session negotiation; RBA Authentication for LDAP; GSLB configuration sync | RSA: 2048 or 3072, ECDSA: Between 224 and 512 bits - RSA: 112 or 128 bits, ECDSA: Between 112 and 256 bits | CKG (Control Plane) | |
| SSH Public Key | Public/Private - PSP | Authentication during SSH session negotiation; RBA Authentication for LDAP; GSLB configuration sync | RSA: 2048 or 3072, ECDSA: Between 224 and 512 bits - RSA: 112 or 128 bits, ECDSA: Between 112 and 256 bits | CKG (Control Plane) | |
| SSH Session Key | Symmetric Key - CSP | Encryption and decryption of SSH session packets | Between 128 and 256 bits - Between 128 and 256 bits | AES for SSH | |
| SSH Authentication Key | Authentication - PSP | Authentication of SSH session packets | Between 160 and 512 bits - Between 128 and 256 bits | HMAC for SSH | |
| IKE/IPsec Pre- shared key (PSK) | Authentication - CSP | Authentication during IKE/IPsec session negotiation; Derivation of the IKE/IPsec Session Keys and IKE/IPsec Authentication Keys for IKEv1 | Key Agreement for IKE/IPsec (DH) | ||
| IKE/IPsec Session Key (AES key) | Symmetric Key - CSP | Encryption and decryption of IKE/IPsec session packets | Between 128 and 256 bits - Between 128 and 256 bits | AES for IKE/IPsec | |
| IKE/IPsec Authentication Key (HMAC key) | Authentication - CSP | Authentication of IKE/IPsec session packets | Between 160 and 512 bits - Between 128 and 256 bits | HMAC for IKE/IPsec | |
| RDP Session Key | Symmetric Key - Neither | Encryption and decryption of RDP user and target information | 256 bits - 256 bits | AES for RDP Session | |
| DFA Session Key | Symmetric Key - Neither | DFA authentication to the module | 256 bits - 256 bits | AES for DFA Session Key | |
| TLS Private Key | Public/Private - CSP | TLS authentication; SAML authentication (RSA only); OpenID authentication (RSA only) | RSA: Between 2048 and 4096 bits, ECDA: between 224 and 512 bits - RSA: Between 112 and 150 bits, ECDA: between 112 and 256 bits | CKG (Control Plane) | Key Agreement for TLS (DH) Key agreement for TLS (ECDH) |
November 25, 2025 NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
November 25, 2025 --NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
| Name | Type | Description | Strength | Use | ||
|---|---|---|---|---|---|---|
| TLS Public Key | Public/Private - PSP | TLS authentication; | RSA: Between 2048 and 4096 bits, ECDA: between 224 and 512 bits - RSA: Between 112 and 150 bits, ECDA: between 112 and 256 bits | Key Agreement for TLS (DH) Key agreement for TLS (ECDH) | ||
| TLS Session Key | Symmetric Key - Neither | Encryption and decryption of TLS session packets | 128 or 256 bits - 128 or 256 bits | AES for TLS session AES GCM for TLS Session | ||
| TLS Authentication Key (HMAC Key) | Authentication - CSP | Authentication of TLS session packets | Between 160 and 384 bits - Between 128 and 256 bits | HMAC for TLS Session | ||
| TLS Ticket Encryption Key (AES key) | Symmetric Key - CSP | Encryption and decryption of TLS session tickets | 128 bits - 128 bits | AES for TLS session | CKG (Data Plane) | |
| TLS Ticket Authentication Key (HMAC key) | Authentication - CSP | Computes the digest of TLS session tickets | 256 bits - 256 bits | HMAC for TLS Ticket | CKG (Control Plane) CKG (Data Plane) | |
| SNMPv3 Privacy Key (AES key) | Symmetric Key - CSP | Encryption and decryption of SNMPv3 packets | 128 bits - 128 bits | AES for SNMPv3 | ||
| SNMPv3 Authentication Key (HMAC key) | Authentication - CSP | Authentication of SNMPv3 packets | 160 bits - 128 bits | HMAC for SNMPv3 | ||
| Public DNS KSK (RSA public key) | Public/Private - PSP | Public DNS ZSK authentication | Between 2048 and 4096 bits - Between 112 and 150 bits | |||
| Private DNS KSK (RSA private key) | Public/Private - CSP | Public DNS ZSK authentication | Between 2048 and 4096 bits - Between 112 and 150 bits | RSA SigGen for DNSsec | ||
| Public DNS ZSK (RSA public key) | Public/Private - PSP | DNS zone authentication | Between 2048 and 4096 bits - Between 112 and 150 bits | RSA SigVer for DNSsec | ||
| Private DNS ZSK (RSA private key) | Public/Private - CSP | DNS zone signature generation | Between 2048 and 4096 bits - Between 112 and 150 bits | RSA SigGen for DNSsec | ||
| PEM Passphrase (Alphanumeric string) | Alphanumeric String - CSP | Derivation of PEM Key | AES (PEM Key) for Encrypting TLS Private Key | |||
| AES GCM IV (96 and 128-bit IV) | Initialization Vector - CSP | IV for AES GCM | ||||
| SSH Shared Secret | Shared Secret - CSP | Derivation of the SSH Session Key and SSH Authentication Key | Key Agreement for SSH (DH) Key Agreement for SSH (ECDH) | |||
| IKE/IPsec Shared Secret | Shared Secret - CSP | Derivation of the IKE/IPsec Session Keys and IKE/IPsec Authentication Keys | Key Agreement for IKE/IPsec (DH) | |||
| TLS Pre-Master Secret | Pre-Master Secret - CSP | Derivation of the TLS Extended Master Secret | Key Agreement for TLS (DH) Key agreement for TLS (ECDH) | CKG (Control Plane) CKG (Data Plane) | ||
| TLS Extended Master Secret | Extended Master Secret - CSP | Derivation of the TLS Session Key and TLS Authentication Key | Key Agreement for TLS (DH) Key agreement for TLS (ECDH) | |||
| Hash DRBG Entropy | Entropy - CSP | Entropy input for Hash DRBG | ||||
| Hash DRBG Seed | DRBG Seed - CSP | Seed material for Hash DRBG | ||||
| Hash DRBG 'V' Value (Internal state value) | Internal State Value - CSP | Internal state value used with Hash DRBG | ||||
| Hash DRBG 'C' Value (Internal state value) | Internal State Value - CSP | Internal state value used with Hash DRBG | ||||
| CTR DRBG Entropy | Entropy - CSP | Entropy input for CTR DRBG | ||||
| CTR DRBG Seed | DRBG Seed - CSP | Seed material for CTR DRBG | ||||
| CTR DRBG 'V' Value | Internal State Value - CSP | Internal state value used with CTR DRBG | ||||
| CTR DRBG 'Key' Value (AES key) | Internal State Value - CSP | Internal state value used with CTR DRBG | ||||
| SNMPv3 Privacy Passphrase (Alphanumeric string) | Alphanumeric String - CSP | Derivation of the SNMPv3 Privacy Key | AES for SNMPv3 | |||
| SNMPv3 Authentication Passphrase (Alphanumeric string) | Alphanumeric String - CSP | Derivation of the SNMPv3 Authentication Key | HMAC for SNMPv3 | |||
| LDAP Admin Password (Alphanumeric string) | Alphanumeric String - CSP | Used to bind to the LDAP server | ||||
| RDP PSK (Shared secret) | Shared Secret - CSP | Used as input to derive RDP Session Key | AES for RDP Session | |||
| Oauth Client Secret (Shared secret) | Shared Secret - CSP | Oauth and Oauth IDP authentication to the module | ||||
| DFA Shared Secret | Shared Secret - CSP | Used as input to derive DFA Session Key | AES for DFA Session Key |
November 25, 2025 ------NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
----------------------------------November 25, 2025 NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
| Name | Type | Description | Strength | Storage | Zeroization | Use | |||
|---|---|---|---|---|---|---|---|---|---|
| ZebOS Router Password (Alphanumeric string) | Alphanumeric String - CSP | Router authentication | |||||||
| Cluster Password (Alphanumeric string) | Alphanumeric String - CSP | Used to connect nodes to the cluster coordinator | |||||||
| Operator Password (Alphanumeric string) | Alphanumeric String - CSP | Authenticate the operator to the module via an external authentication service | |||||||
| Software Load Integrity Key (RSA public key) | Public/Private - Neither | (Not an SSP), Used to verify the new software load | 2048 bits - 112 bits | RSA SigVer for Software Load Integrity | |||||
| KEK Fragment 1 | Non-volatile Memory:Plaintext | CLI command | KEK Fragment 2:Used With | ||||||
| KEK Fragment 2 | Non-volatile Memory:Plaintext | CLI command | KEK Fragment 1:Used With | ||||||
| KEK (AES Key) | Volatile Memory:Plaintext | Reboot Remove power | KEK Fragment 1:Derived From KEK Fragment 2:Derived From | ||||||
| PEM Key (AES Key) | On Disk:Encrypted | CLI command | KEK (AES Key):Derived From | ||||||
| AES Key | On Disk:Encrypted | Reboot Remove power | KEK (AES Key):Encrypts | Exported in encrypted form via part of config backup file Imported in encrypted form via TLS or SSH session Imported in plaintext via local console | |||||
| AES GCM Key | Volatile Memory:Plaintext | Reboot Remove power | Until module reboot or power off | ||||||
| HMAC Key | On Disk:Encrypted | Zeroisation of KEK | KEK (AES Key):Encrypts | Exported in encrypted form via part of config backup file Imported in encrypted form via TLS or SSH session Imported in plaintext via local console |
| Name | Type | Description | Strength | Storage | Zeroization | Use | |||
|---|---|---|---|---|---|---|---|---|---|
| ZebOS Router Password (Alphanumeric string) | Alphanumeric String - CSP | Router authentication | |||||||
| Cluster Password (Alphanumeric string) | Alphanumeric String - CSP | Used to connect nodes to the cluster coordinator | |||||||
| Operator Password (Alphanumeric string) | Alphanumeric String - CSP | Authenticate the operator to the module via an external authentication service | |||||||
| Software Load Integrity Key (RSA public key) | Public/Private - Neither | (Not an SSP), Used to verify the new software load | 2048 bits - 112 bits | RSA SigVer for Software Load Integrity | |||||
| KEK Fragment 1 | Non-volatile Memory:Plaintext | CLI command | KEK Fragment 2:Used With | ||||||
| KEK Fragment 2 | Non-volatile Memory:Plaintext | CLI command | KEK Fragment 1:Used With | ||||||
| KEK (AES Key) | Volatile Memory:Plaintext | Reboot Remove power | KEK Fragment 1:Derived From KEK Fragment 2:Derived From | ||||||
| PEM Key (AES Key) | On Disk:Encrypted | CLI command | KEK (AES Key):Derived From | ||||||
| AES Key | On Disk:Encrypted | Reboot Remove power | KEK (AES Key):Encrypts | Exported in encrypted form via part of config backup file Imported in encrypted form via TLS or SSH session Imported in plaintext via local console | |||||
| AES GCM Key | Volatile Memory:Plaintext | Reboot Remove power | Until module reboot or power off | ||||||
| HMAC Key | On Disk:Encrypted | Zeroisation of KEK | KEK (AES Key):Encrypts | Exported in encrypted form via part of config backup file Imported in encrypted form via TLS or SSH session Imported in plaintext via local console |
November 25, 2025 ------Table 20: SSP Table 1 NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
| Name | Storage | Zeroization | Input | ||
|---|---|---|---|---|---|
| CA Public Key | On Disk:Plaintext | NetScaler VA Detection | Exported in plaintext Imported in encrypted form via TLS or SSH session Imported in plaintext via local console | ||
| DH Private Key | Volatile Memory:Plaintext | Reboot Remove power Session termination | Until module reboot, power off, or session termination | DH Public Key:Paired With | |
| DH Public Key | Volatile Memory:Plaintext | Reboot Remove power Session termination | Until module reboot, power off, or session termination | DH Private Key:Paired With | |
| ECDH Private Key | Volatile Memory:Plaintext | Reboot Remove power Session termination | Until module reboot, power off, or session termination | ECDH Public Key :Paired With | |
| ECDH Public Key | Volatile Memory:Plaintext | Reboot Remove power Session termination | Exported in plaintext Imported in plaintext via local console | Until module reboot, power off, or session termination | ECDH Private Key :Paired With |
| RSA Private Key | Volatile Memory:Plaintext | Zeroisation of KEK | Exported in plaintext Imported in plaintext via local console | RSA Public Key:Paired With KEK (AES Key):Encrypts | |
| RSA Public Key | Volatile Memory:Plaintext | NetScaler VA Detection | Exported in plaintext Imported in plaintext via local console | RSA Private Key :Paired With | |
| SSH Private Key | On Disk:Plaintext | CLI command | Exported in encrypted form via part of config backup file | ||
| SSH Public Key | Volatile Memory:Plaintext | NetScaler VA Detection | Exported in encrypted form via part of config backup file | ||
| SSH Session Key | Volatile Memory:Plaintext | Reboot Remove power Session termination | Until module reboot, power off, or session termination | ||
| SSH Authentication Key | Volatile Memory:Plaintext | Reboot Remove power Session termination | Until module reboot, power off, or session termination | ||
| IKE/IPsec Pre-shared key (PSK) | Volatile Memory:Plaintext | Reboot Remove power Session termination | Exported in encrypted form via part of config backup file Imported in plaintext via local console | Until module reboot, power off, or session termination | |
| IKE/IPsec Session Key (AES key) | Volatile Memory:Plaintext | Reboot Remove power Session termination | Until module reboot, power off, or session termination | ||
| IKE/IPsec Authentication Key (HMAC key) | Volatile Memory:Plaintext | Reboot Remove power Session termination | Until module reboot, power off, or session termination | ||
| RDP Session Key | Volatile Memory:Plaintext | Reboot Remove power Session termination | Until module reboot, power off, or session termination | ||
| DFA Session Key | Volatile Memory:Plaintext | Reboot Remove power Session termination | |||
| TLS Private Key | On Disk:Encrypted | Zeroisation of KEK | Exported in encrypted form via part of config backup file Imported in encrypted form via TLS or SSH session Imported in plaintext via local console | TLS Public Key:Paired With | |
| TLS Public Key | Volatile Memory:Plaintext | NetScaler VA Detection | TLS Private Key:Paired With | ||
| TLS Session Key | Volatile Memory:Plaintext | Reboot Remove power Session termination | Until module reboot, power off, or session termination | ||
| TLS Authentication Key (HMAC Key) | Volatile Memory:Plaintext | Reboot Remove power Session termination | Until module reboot, power off, or session termination | ||
| TLS Ticket Encryption Key (AES key) | Volatile Memory:Plaintext | Reboot Remove power Session termination | Imported in encrypted form via TLS or SSH session | Until module reboot, power off, or session termination | |
| TLS Ticket Authentication Key (HMAC key) | Volatile Memory:Plaintext | Reboot Remove power Session termination | Imported in encrypted form via TLS or SSH session | Until module reboot, power off, or session termination | |
| SNMPv3 Privacy Key (AES key) | Volatile Memory:Plaintext | Reboot Remove power Session termination | Until module reboot, power off, or session termination | ||
| SNMPv3 Authentication Key (HMAC key) | Volatile Memory:Plaintext | Reboot Remove power | Until module reboot or power off | ||
| Public DNS KSK (RSA public key) | On Disk:Plaintext | Zeroisation of KEK | Exported in plaintext Imported in encrypted form via TLS or SSH session | Private DNS KSK (RSA private key):Paired With | |
| Private DNS KSK (RSA private key) | On Disk:Encrypted | NetScaler VA Detection | Exported in encrypted form via part of config backup file Imported in encrypted form via TLS or SSH session | PEM Key (AES Key):Encrypts Public DNS KSK (RSA public key):Paired With | |
| Public DNS ZSK (RSA public key) | On Disk:Plaintext | NetScaler VA Detection | Exported in plaintext Imported in encrypted form via TLS or SSH session | Private DNS ZSK (RSA private key):Paired With | |
| Private DNS ZSK (RSA private key) | On Disk:Encrypted | Zeroisation of KEK | Exported in encrypted form via part of config backup file Imported in encrypted form via TLS or SSH session | Public DNS ZSK (RSA public key):Paired With | |
| PEM Passphrase (Alphanumeric string) | Non-volatile Memory:Plaintext On Disk:Encrypted | Reboot Remove power | Exported in encrypted form via part of config backup file Imported in plaintext via local console | Until module reboot or power off | KEK (AES Key):Encrypts |
| AES GCM IV (96 and 128-bit IV) | Volatile Memory:Plaintext | Reboot Remove power | Until module reboot or power off | ||
| SSH Shared Secret | Volatile Memory:Plaintext | Reboot Remove power Session termination | Until module reboot, power off, or session termination | ||
| IKE/IPsec Shared Secret | Volatile Memory:Plaintext | Reboot Remove power Session termination | Until module reboot, power off, or session termination | ||
| TLS Pre-Master Secret | Volatile Memory:Plaintext | Reboot Remove power Session termination | Imported in encrypted form via RSA key transport | Until module reboot, power off, or session termination | |
| TLS Extended Master Secret | Volatile Memory:Plaintext | Reboot Remove power Session termination | Until module reboot, power off, or session termination | TLS Pre-Master Secret:Derived From | |
| Hash DRBG Entropy | Volatile Memory:Plaintext | Reboot Remove power | Until module reboot or power off | ||
| Hash DRBG Seed | Volatile Memory:Plaintext | Reboot Remove power | Until module reboot or power off | ||
| Hash DRBG 'V' Value (Internal state value) | Volatile Memory:Plaintext | Reboot Remove power | Until module reboot or power off | ||
| Hash DRBG 'C' Value (Internal state value) | Volatile Memory:Plaintext | Reboot Remove power | Until module reboot or power off | ||
| CTR DRBG Entropy | Volatile Memory:Plaintext | Reboot Remove power | Until module reboot or power off | ||
| CTR DRBG Seed | Volatile Memory:Plaintext | Reboot Remove power | Until module reboot or power off | ||
| CTR DRBG 'V' Value | Volatile Memory:Plaintext | Reboot Remove power | Until module reboot or power off | ||
| CTR DRBG 'Key' Value (AES key) | Volatile Memory:Plaintext | Reboot Remove power | Until module reboot or power off | ||
| SNMPv3 Privacy Passphrase (Alphanumeric string) | On Disk:Encrypted | Zeroisation of KEK | Exported in encrypted form via part of config backup file Imported in encrypted form via TLS or SSH session Imported in plaintext via local console | KEK (AES Key):Encrypts | |
| SNMPv3 Authentication Passphrase (Alphanumeric string) | On Disk:Encrypted | Zeroisation of KEK | Exported in encrypted form via part of config backup file Imported in encrypted form via TLS or SSH session Imported in plaintext via local console | KEK (AES Key):Encrypts |
November 25, 2025 NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
November 25, 2025 NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
November 25, 2025 NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
November 25, 2025 NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
| Name | Storage | Zeroization | Input | |
|---|---|---|---|---|
| LDAP Admin Password (Alphanumeric string) | On Disk:Encrypted | Zeroisation of KEK | Exported in encrypted form via part of config backup file Imported in encrypted form via TLS or SSH session Imported in plaintext via local console | KEK (AES Key):Encrypts |
| RDP PSK (Shared secret) | On Disk:Encrypted | Zeroisation of KEK | Exported in encrypted form via part of config backup file Imported in encrypted form via TLS or SSH session Imported in plaintext via local console | KEK (AES Key):Encrypts |
| Oauth Client Secret (Shared secret) | On Disk:Encrypted | Zeroisation of KEK | Exported in encrypted form via part of config backup file Imported in encrypted form via TLS or SSH session Imported in plaintext via local console | KEK (AES Key):Encrypts |
| DFA Shared Secret | On Disk:Encrypted | Zeroisation of KEK | Exported in encrypted form via part of config backup file Imported in encrypted form via TLS or SSH session Imported in plaintext via local console | KEK (AES Key):Encrypts |
| ZebOS Router Password (Alphanumeric string) | On Disk:Encrypted | Zeroisation of KEK | Exported in encrypted form via part of config backup file Imported in encrypted form via TLS or SSH session Imported in plaintext via local console | KEK (AES Key):Encrypts |
November 25, 2025 NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
| Name | Storage | Zeroization | Input | ||
|---|---|---|---|---|---|
| Cluster Password (Alphanumeric string) | On Disk:Encrypted | Zeroisation of KEK | Exported in encrypted form via part of config backup file Imported in encrypted form via TLS or SSH session Imported in plaintext via local console | KEK (AES Key):Encrypts | |
| Operator Password (Alphanumeric string) | On Disk:Encrypted | Zeroisation of KEK | Exported in encrypted form via part of config backup file Imported in encrypted form via TLS or SSH session Imported in plaintext via local console | KEK (AES Key):Encrypts | |
| Software Load Integrity Key (RSA public key) | Non-volatile Memory:Plaintext | Reboot Remove power | Imported in plaintext via local console | Until module reboot or power off |
November 25, 2025 Table 21: SSP Table 2 NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
| Name | Algorithm Or Test | Test Method | Test Type | Details | Test Properties | Indicator | Conditions | ||
|---|---|---|---|---|---|---|---|---|---|
| RSA SigVer (FIPS186-4) (A3943) | RSA SigVer (FIPS186-4) (A3943) | Software Integrity | SW/FW Integrity | RSA 2048 digital signature verification with SHA-512 | 2048-bit, using SHA2-512 | "FIPS Post Failed" message in /var/log/ns.log | |||
| AES-CBC (A3942) | AES-CBC (A3942) | KAT | CAST | Encrypt, Decrypt | 128-bit | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test | ||
| AES-GCM (A3942) | AES-GCM (A3942) | KAT | CAST | Encrypt, Decrypt | 256-bit | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | ||
| Counter DRBG (A3942) | Counter DRBG (A3942) | KAT | CAST | Instantiate/Generate/Reseed | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | |||
| KAS-FFC-SSC Sp800-56Ar3 (A3942) | KAS-FFC-SSC Sp800-56Ar3 (A3942) | KAT | CAST | Primitive "Z" computation test | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | |||
| KAS-ECC-SSC Sp800-56Ar3 (A3942) | KAS-ECC-SSC Sp800-56Ar3 (A3942) | KAT | CAST | Primitive "Z" computation test | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | |||
| ECDSA SigGen (FIPS186-4) (A3942) | ECDSA SigGen (FIPS186-4) (A3942) | KAT | CAST | Sign | P-256 | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. |
| Name | Algorithm Or Test | Test Method | Test Type | Period | Periodic Method | Details | Test Properties | Indicator | Conditions | ||
|---|---|---|---|---|---|---|---|---|---|---|---|
| RSA SigVer (FIPS186-4) (A3943) | RSA SigVer (FIPS186-4) (A3943) | Software Integrity | SW/FW Integrity | RSA 2048 digital signature verification with SHA-512 | 2048-bit, using SHA2-512 | "FIPS Post Failed" message in /var/log/ns.log | |||||
| AES-CBC (A3942) | AES-CBC (A3942) | KAT | CAST | Encrypt, Decrypt | 128-bit | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test | ||||
| AES-GCM (A3942) | AES-GCM (A3942) | KAT | CAST | Encrypt, Decrypt | 256-bit | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | ||||
| Counter DRBG (A3942) | Counter DRBG (A3942) | KAT | CAST | Instantiate/Generate/Reseed | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | |||||
| KAS-FFC-SSC Sp800-56Ar3 (A3942) | KAS-FFC-SSC Sp800-56Ar3 (A3942) | KAT | CAST | Primitive "Z" computation test | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | |||||
| KAS-ECC-SSC Sp800-56Ar3 (A3942) | KAS-ECC-SSC Sp800-56Ar3 (A3942) | KAT | CAST | Primitive "Z" computation test | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | |||||
| ECDSA SigGen (FIPS186-4) (A3942) | ECDSA SigGen (FIPS186-4) (A3942) | KAT | CAST | Sign | P-256 | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | ||||
| ECDSA SigVer (FIPS186-4) (A3942) | ECDSA SigVer (FIPS186-4) (A3942) | KAT | CAST | Verify | P-256 | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | ||||
| HMAC-SHA-1 (A3942) | HMAC-SHA-1 (A3942) | KAT | CAST | N/A | SHA-1 | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | ||||
| HMAC-SHA2- 256 (A3942) | HMAC-SHA2- 256 (A3942) | KAT | CAST | N/A | SHA2-256 | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | ||||
| HMAC-SHA2- 512 (A3942) | HMAC-SHA2- 512 (A3942) | KAT | CAST | N/A | SHA2-512 | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | ||||
| PBKDF (A3942) | PBKDF (A3942) | KAT | CAST | N/A | SHA-1 | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | ||||
| RSA SigGen (FIPS186-4) (A3942) | RSA SigGen (FIPS186-4) (A3942) | KAT | CAST | Sign | 2048-bit, SHA2- 256 | "POST FAILED" message in /var/log/FIPS- post.log | Before software integrity test | ||||
| RSA SigVer (FIPS186-4) (A3942) | RSA SigVer (FIPS186-4) (A3942) | KAT | CAST | Verify | 2048-bit, SHA2- 256 | "POST FAILED" message in /var/log/FIPS- post.log | Before software integrity test | ||||
| SHA-1 (A3942) | SHA-1 (A3942) | KAT | CAST | N/A | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | |||||
| SHA2-256 (A3942) | SHA2-256 (A3942) | KAT | CAST | N/A | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | |||||
| SHA2-512 (A3942) | SHA2-512 (A3942) | KAT | CAST | N/A | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | |||||
| KDF IKEv1 (A3942) | KDF IKEv1 (A3942) | KAT | CAST | N/A | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | |||||
| KDF IKEv2 (A3942) | KDF IKEv2 (A3942) | KAT | CAST | N/A | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | |||||
| KDF SSH (A3942) | KDF SSH (A3942) | KAT | CAST | N/A | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | |||||
| KDF TLS (A3942) | KDF TLS (A3942) | KAT | CAST | N/A | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | |||||
| TLS v1.2 KDF RFC7627 (A3942) | TLS v1.2 KDF RFC7627 (A3942) | KAT | CAST | N/A | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | |||||
| AES-CBC (A3943) | AES-CBC (A3943) | KAT | CAST | Encrypt, Decrypt | 128-bit | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | ||||
| AES-GCM (A3943) | AES-GCM (A3943) | KAT | CAST | Encrypt, Decrypt | 256-bit | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | ||||
| KAS-ECC-SSC Sp800-56Ar3 (A3943) | KAS-ECC-SSC Sp800-56Ar3 (A3943) | KAT | CAST | N/A | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | |||||
| ECDSA SigGen (FIPS186-4) (A3943) | ECDSA SigGen (FIPS186-4) (A3943) | KAT | CAST | Sign | P-256 | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | ||||
| ECDSA SigVer (FIPS186-4) (A3943) | ECDSA SigVer (FIPS186-4) (A3943) | KAT | CAST | Verify | P-256 | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | ||||
| Hash DRBG (A3943) | Hash DRBG (A3943) | KAT | CAST | Instantiate/Generate/Reseed | AES, 256-bit, with derivation function | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | ||||
| HMAC-SHA-1 (A3943) | HMAC-SHA-1 (A3943) | KAT | CAST | N/A | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | |||||
| HMAC-SHA2- 256 (A3943) | HMAC-SHA2- 256 (A3943) | KAT | CAST | N/A | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | |||||
| HMAC-SHA2- 512 (A3943) | HMAC-SHA2- 512 (A3943) | KAT | CAST | N/A | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | |||||
| KDF SP800-108 (A3943) | KDF SP800-108 (A3943) | KAT | CAST | N/A | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | |||||
| RSA SigGen (FIPS186-4) (A3943) | RSA SigGen (FIPS186-4) (A3943) | KAT | CAST | N/A | 2048-bit, SHA2- 256 | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | ||||
| RSA SigVer (FIPS186-4) (A3943) | RSA SigVer (FIPS186-4) (A3943) | KAT | CAST | N/A | 2048-bit, SHA2- 256 | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | ||||
| SHA-1 (A3943) | SHA-1 (A3943) | KAT | CAST | N/A | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | |||||
| SHA2-256 (A3943) | SHA2-256 (A3943) | KAT | CAST | N/A | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | |||||
| SHA2-512 (A3943) | SHA2-512 (A3943) | KAT | CAST | N/A | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | |||||
| KDF TLS (A3943) | KDF TLS (A3943) | KAT | CAST | N/A | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | |||||
| TLS v1.2 KDF RFC7627 (A3943) | TLS v1.2 KDF RFC7627 (A3943) | KAT | CAST | N/A | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | |||||
| TLS v1.3 KDF (A3943) | TLS v1.3 KDF (A3943) | KAT | CAST | N/A | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | |||||
| RSA SigVer (FIPS186-4) (A3943) | RSA SigVer (FIPS186-4) (A3943) | Software Integrity | SW/FW Integrity | On Demand | Manually | ||||||
| AES-CBC (A3942) | AES-CBC (A3942) | KAT | CAST | On Demand | Manually | ||||||
| AES-GCM (A3942) | AES-GCM (A3942) | KAT | CAST | On Demand | Manually | ||||||
| Counter DRBG (A3942) | Counter DRBG (A3942) | KAT | CAST | On Demand | Manually | ||||||
| KAS-FFC-SSC Sp800- 56Ar3 (A3942) | KAS-FFC-SSC Sp800- 56Ar3 (A3942) | KAT | CAST | On Demand | Manually | ||||||
| KAS-ECC-SSC Sp800- 56Ar3 (A3942) | KAS-ECC-SSC Sp800- 56Ar3 (A3942) | KAT | CAST | On Demand | Manually | ||||||
| ECDSA SigGen (FIPS186- 4) (A3942) | ECDSA SigGen (FIPS186- 4) (A3942) | KAT | CAST | On Demand | Manually | ||||||
| ECDSA SigVer (FIPS186- 4) (A3942) | ECDSA SigVer (FIPS186- 4) (A3942) | KAT | CAST | On Demand | Manually | ||||||
| HMAC-SHA-1 (A3942) | HMAC-SHA-1 (A3942) | KAT | CAST | On Demand | Manually | ||||||
| HMAC-SHA2-256 (A3942) | HMAC-SHA2-256 (A3942) | KAT | CAST | On Demand | Manually | ||||||
| HMAC-SHA2-512 (A3942) | HMAC-SHA2-512 (A3942) | KAT | CAST | On Demand | Manually | ||||||
| PBKDF (A3942) | PBKDF (A3942) | KAT | CAST | On Demand | Manually | ||||||
| RSA SigGen (FIPS186-4) (A3942) | RSA SigGen (FIPS186-4) (A3942) | KAT | CAST | On Demand | Manually |
November 25, 2025 10. Self-Tests The module performs pre-operational self-tests and conditional self-tests. Pre-operational tests are performed between the time the cryptographic module is instantiated and before the module transitions to the operational state. Conditional self-tests are performed by the module during module operation when certain conditions exist. The following sections list the self-tests performed by the module, their expected error status, and the error resolutions. 10.1 Pre-Operational Self-Tests The module performs the following pre-operational self-test(s): Table 22: Pre-Operational Self-Tests 10.2 Conditional Self-Tests The module performs the following conditional self-tests: NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
November 25, 2025 N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A N/A NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
November 25, 2025 N/A N/A N/A N/A N/A N/A N/A N/A N/A NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
| Name | Algorithm Or Test | Test Method | Test Type | Period | Periodic Method | Details | Indicator | Conditions |
|---|---|---|---|---|---|---|---|---|
| SHA2-256 (A3943) | SHA2-256 (A3943) | KAT | CAST | N/A | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | ||
| SHA2-512 (A3943) | SHA2-512 (A3943) | KAT | CAST | N/A | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | ||
| KDF TLS (A3943) | KDF TLS (A3943) | KAT | CAST | N/A | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | ||
| TLS v1.2 KDF RFC7627 (A3943) | TLS v1.2 KDF RFC7627 (A3943) | KAT | CAST | N/A | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | ||
| TLS v1.3 KDF (A3943) | TLS v1.3 KDF (A3943) | KAT | CAST | N/A | "POST FAILED" message in /var/log/FIPS- post.log | After successful completion of software integrity test. | ||
| RSA SigVer (FIPS186-4) (A3943) | RSA SigVer (FIPS186-4) (A3943) | Software Integrity | SW/FW Integrity | On Demand | Manually | |||
| AES-CBC (A3942) | AES-CBC (A3942) | KAT | CAST | On Demand | Manually | |||
| AES-GCM (A3942) | AES-GCM (A3942) | KAT | CAST | On Demand | Manually | |||
| Counter DRBG (A3942) | Counter DRBG (A3942) | KAT | CAST | On Demand | Manually | |||
| KAS-FFC-SSC Sp800- 56Ar3 (A3942) | KAS-FFC-SSC Sp800- 56Ar3 (A3942) | KAT | CAST | On Demand | Manually | |||
| KAS-ECC-SSC Sp800- 56Ar3 (A3942) | KAS-ECC-SSC Sp800- 56Ar3 (A3942) | KAT | CAST | On Demand | Manually | |||
| ECDSA SigGen (FIPS186- 4) (A3942) | ECDSA SigGen (FIPS186- 4) (A3942) | KAT | CAST | On Demand | Manually | |||
| ECDSA SigVer (FIPS186- 4) (A3942) | ECDSA SigVer (FIPS186- 4) (A3942) | KAT | CAST | On Demand | Manually | |||
| HMAC-SHA-1 (A3942) | HMAC-SHA-1 (A3942) | KAT | CAST | On Demand | Manually | |||
| HMAC-SHA2-256 (A3942) | HMAC-SHA2-256 (A3942) | KAT | CAST | On Demand | Manually | |||
| HMAC-SHA2-512 (A3942) | HMAC-SHA2-512 (A3942) | KAT | CAST | On Demand | Manually | |||
| PBKDF (A3942) | PBKDF (A3942) | KAT | CAST | On Demand | Manually | |||
| RSA SigGen (FIPS186-4) (A3942) | RSA SigGen (FIPS186-4) (A3942) | KAT | CAST | On Demand | Manually | |||
| RSA SigVer (FIPS186-4) (A3942) | RSA SigVer (FIPS186-4) (A3942) | KAT | CAST | On Demand | Manually | |||
| SHA-1 (A3942) | SHA-1 (A3942) | KAT | CAST | On Demand | Manually | |||
| SHA2-256 (A3942) | SHA2-256 (A3942) | KAT | CAST | On Demand | Manually | |||
| SHA2-512 (A3942) | SHA2-512 (A3942) | KAT | CAST | On Demand | Manually | |||
| KDF IKEv1 (A3942) | KDF IKEv1 (A3942) | KAT | CAST | On Demand | Manually | |||
| KDF IKEv2 (A3942) | KDF IKEv2 (A3942) | KAT | CAST | On Demand | Manually | |||
| KDF SSH (A3942) | KDF SSH (A3942) | KAT | CAST | On Demand | Manually | |||
| KDF TLS (A3942) | KDF TLS (A3942) | KAT | CAST | On Demand | Manually | |||
| TLS v1.2 KDF RFC7627 (A3942) | TLS v1.2 KDF RFC7627 (A3942) | KAT | CAST | On Demand | Manually | |||
| AES-CBC (A3943) | AES-CBC (A3943) | KAT | CAST | On Demand | Manually | |||
| AES-GCM (A3943) | AES-GCM (A3943) | KAT | CAST | On Demand | Manually | |||
| KAS-ECC-SSC Sp800- 56Ar3 (A3943) | KAS-ECC-SSC Sp800- 56Ar3 (A3943) | KAT | CAST | On Demand | Manually | |||
| ECDSA SigGen (FIPS186- 4) (A3943) | ECDSA SigGen (FIPS186- 4) (A3943) | KAT | CAST | On Demand | Manually | |||
| ECDSA SigVer (FIPS186- 4) (A3943) | ECDSA SigVer (FIPS186- 4) (A3943) | KAT | CAST | On Demand | Manually | |||
| Hash DRBG (A3943) | Hash DRBG (A3943) | KAT | CAST | On Demand | Manually | |||
| HMAC-SHA-1 (A3943) | HMAC-SHA-1 (A3943) | KAT | CAST | On Demand | Manually | |||
| HMAC-SHA2-256 (A3943) | HMAC-SHA2-256 (A3943) | KAT | CAST | On Demand | Manually | |||
| HMAC-SHA2-512 (A3943) | HMAC-SHA2-512 (A3943) | KAT | CAST | On Demand | Manually | |||
| KDF SP800-108 (A3943) | KDF SP800-108 (A3943) | KAT | CAST | On Demand | Manually | |||
| RSA SigGen (FIPS186-4) (A3943) | RSA SigGen (FIPS186-4) (A3943) | KAT | CAST | On Demand | Manually | |||
| RSA SigVer (FIPS186-4) (A3943) | RSA SigVer (FIPS186-4) (A3943) | KAT | CAST | On Demand | Manually | |||
| SHA-1 (A3943) | SHA-1 (A3943) | KAT | CAST | On Demand | Manually | |||
| SHA2-256 (A3943) | SHA2-256 (A3943) | KAT | CAST | On Demand | Manually | |||
| SHA2-512 (A3943) | SHA2-512 (A3943) | KAT | CAST | On Demand | Manually | |||
| KDF TLS (A3943) | KDF TLS (A3943) | KAT | CAST | On Demand | Manually | |||
| TLS v1.2 KDF RFC7627 (A3943) | TLS v1.2 KDF RFC7627 (A3943) | KAT | CAST | On Demand | Manually | |||
| TLS v1.3 KDF (A3943) | TLS v1.3 KDF (A3943) | KAT | CAST | On Demand | Manually |
November 25, 2025 N/A N/A N/A N/A N/A Table 23: Conditional Self-Tests 10.3 Periodic Self-Test Information The module has conditions that may interrupt module operations during the time to repeat the periodic self-tests. The table below specifies the period and the policy for these conditions. Table 24: Pre-Operational Periodic Information NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
November 25, 2025 Table 25: Conditional Periodic Information 10.4 Error States If the module enters the critical error state due to a failure of the pre-operational integrity test, the module enters a critical error state and logs an error message. In this state, the boot sequence and entire system is halted. The only action available from this state is to reboot the module to trigger the re-execution of the integrity test. The error condition is considered to have been cleared if the module successfully passes the pre-operational integrity test. If the module continues to return to a halted state, the module is considered to be malfunctioning or compromised, and Cloud Software Group Customer Support must be contacted. If the module enters the critical error state due to a failure of any of the conditional CASTs, cryptographic operations are halted, and the module inhibits all data output from the module. The module logs an error message and automatically reboots to clear the error state. The CO must contact Cloud Software Group if this error occurs. NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
| Name | Description | Role Access | Indicator | |
|---|---|---|---|---|
| Critical Error (pre- operational self tests) | The booth sequence and entire system is halted. The only action available from this state is to reboot the module to trigger the re-execution of the integrity test. | Module fails pre- operational integrity test. | Logs "POST Failed" error message in /var/log/FIPS- post.log for Netscaler Control Plane Cryptographic Library. Logs "FIPS Post Failed" in /var/log/ns.log for Netscaler Data Plane Cryptographic Library. | The module successfully passes the pre-operational integrity test. If the module continues to return to a halted state, the module is considered to be malfunctioning or compromised, and Cloud Software Group Customer Support must be contacted. |
| Critical Error (Conditional CASTs) | Cryptographic operations are halted, and the module inhibits all data output from the module. | Module fails any conditional CASTs. | Logs "POST Failed" error message in /var/log/FIPS- post.log for Netscaler Control Plane Cryptographic Library. Logs "FIPS Post Failed" in /var/log/ns.log for Netscaler Data Plane Cryptographic Library. | The module automatically reboots after logging an error message to clear the error state. The CO must contact Cloud Software Group Support if this error occurs. |
| Soft Error | Error that may occur when invoking service that calls the conditional self-test. | Module fails any of the remaining conditional self-tests. | The following message is displayed: "Internal failure in SSL cert/key generation tool". | The module returns to an operational state once the message is displayed, and the error is logged. The user may retry the service or move to other operations. |
November 25, 2025 checking the log files.
November 25, 2025 11. Life-Cycle Assurance The sections below describe how to ensure the module is operating in its validated configuration, including the following:
For detailed guidance regarding the installation of NetScaler VA, please see the Deploy a Citrix ADC VPX instance webpage on Citrix’s online product documentation portal and refer to the following document entries:
After the appliance has been setup, the CO is responsible for the general configuration of the module. The Web GUI or CLI can be used for the general configuration of the module. All general configuration must be complete before performing configuration necessary to place the module in a FIPS-Approved mode of operation. The general configuration requirements and instructions are described in the “Quick Start Installation and Configuration” section of the Citrix ADC Deployment Guide found on Citrix’s online product documentation portal.
After the NetScaler Virtual Appliance has been installed on a VMware ESXi 7.0 hypervisor, the CO is responsible for the general configuration of the module. The Web GUI (configuration utility) or CLI can be used for the general configuration of the module. All general configuration steps must be complete before performing configuration necessary to place the module in a FIPS-Approved mode of operation. The general configuration requirements and instructions are described in the “Quick Start Installation and Configuration” section of the Citrix NetScaler Deployment Guide found on Cloud Software Group’s online product documentation portal.
The CO is responsible for the security-relevant configuration of the module. To initialize the module for the approved mode of operation, the CO must: • • • • • Configure the passphrase requirements Replace the default TLS certificate Disable HTTP access to the Web GUI Enable external authentication Disable local authentication To accomplish these tasks, the CO must follow the procedures detailed in the sections below (for more information, please see the “Configuration Guidelines” section of the document entry Citrix ADC Deployment Guide. Once the CO has completed all configuration steps, the CO shall review all saved settings to ensure they match the required settings as documented in the configuration guidance below. If properly set, the module is considered to be operating in the FIPS-Approved mode. 11.1.4.1 Configure the Passphrase Requirements Passphrases are used to derive keys using PBKDF. The CO must configure strong passphrase requirements. This is accomplished with the following steps from the Web GUI:
November 25, 2025
NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
11.1.4.5 November 25, 2025 Disable Local Authentication The nsroot account is a default account with root CLI access (superuser) privileges that is required for initial configuration. During initial configuration, the CO shall disable local system authentication to block access to all local accounts (including the nsroot account), and the CO must ensure that superuser privileges are not assigned to any user account. To disable local system authentication and enable external system authentication, the CO must run the following CLI command: set system parameter -localauth disabled
No additional startup steps are required to be performed by end-users. 11.2 Administrator Guidance Once installed and configured, the Crypto Officer is responsible for maintaining and monitoring the status of the module to ensure that it is running in its FIPS-Approved mode. Please refer to this section for guidance that the Crypto Officer must follow to ensure that the module is operating in a FIPS-Approved manner.
Although pre-operational self-tests are performed automatically during module power up, they can also be manually launched on demand. Self-tests can be executed by:
There are many CSPs within the module’s cryptographic boundary including symmetric keys, private keys, public keys, and passphrases. CSPs reside in multiple storage media including the RAM and system memory of the host platform. All ephemeral keys are zeroized on module reboot, power removal, or session termination. KEK fragments 1 and 2 are stored as plaintext in non-volatile memory. Zeroizing the KEK fragments render all passphrases and passwords stored in the non-volatile memory unrecoverable, effectively zeroizing them. The KEK fragments are zeroized via the following CLI command: rm system csps -type KEK SSH private keys are stored as plaintext in non-volatile memory. SSH private keys are zeroized via the following CLI command: NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
November 25, 2025 rm system csps -type SSH_HOST_KEYS The output (indicator) of both zeroization commands above is successful return from the command line without any error showing on the console. If the commands fails, an error will show on the console before returning control to the user. After the module’s integrity test is complete the software clears out all values when the signature verification operation is complete (zeroizes temporary values used in the integrity test).
The CO shall be responsible for regularly monitoring the module’s status for the FIPS-Approved mode of operation. When configured according to the CO’s guidance, the module only operates in the FIPS-Approved mode. Thus, the current status of the module when operational is always in the FIPS-Approved mode. An operator can obtain the module’s operational status by reviewing the configuration settings. If set per the guidance documented in section 11.1.4 above, this indicates that the module is operating in the FIPS-Approved mode. An operator can view the versioning information by:
NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
This section notes additional policies below that must be followed by COs:
11.3 November 25, 2025 Non-Administrator Guidance Operators with the User role do not have the ability to configure sensitive information on the module. They must be diligent to select strong passwords and must not reveal their password to anyone. Additionally, they must be careful to protect any secret or private keys in their possession. NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
November 25, 2025 12. Mitigation of Other Attacks The module does not claim to mitigate any attacks beyond the FIPS 140-3 Level 1 requirements for this validation. Therefore, per ISO/IEC 19790:2012 section 7.12, requirements for this section are not applicable. NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
| Name | Term | Definition |
|---|---|---|
| AES | AES | Advanced Encryption Standard |
| API | API | Application Programming Interface |
| CBC | CBC | Cipher Block Chaining |
| CCCS | CCCS | Canadian Centre for Cyber Security |
| CMVP | CMVP | Cryptographic Module Validation Program |
| CO | CO | Cryptographic Officer |
| CPU | CPU | Central Processing Unit |
| CTR | CTR | Counter |
| CVL | CVL | Component Validation List |
| DEP | DEP | Default Entry Point |
| DES | DES | Data Encryption Standard |
| DH | DH | Diffie-Hellman |
| DRBG | DRBG | Deterministic Random Bit Generator |
| ECB | ECB | Electronic Code Book |
| ECC CDH | ECC CDH | Elliptic Curve Cryptography Cofactor Diffie-Hellman |
| ECDH | ECDH | Elliptic Curve Diffie-Hellman |
| ECDSA | ECDSA | Elliptic Curve Digital Signature Algorithm |
| EMI/EMC | EMI/EMC | Electromagnetic Interference /Electromagnetic Compatibility |
| FIPS | FIPS | Federal Information Processing Standard |
| GCM | GCM | Galois/Counter Mode |
| GMAC | GMAC | Galois Message Authentication Code |
| GPC | GPC | General-Purpose Computer |
| HMAC | HMAC | (keyed-) Hash Message Authentication Code |
| KAS | KAS | Key Agreement Scheme |
| KAT | KAT | Known Answer Test |
| KTS | KTS | Key Transport Scheme |
| KW | KW | Key Wrap |
| KWP | KWP | Key Wrap with Padding |
| NIST | NIST | National Institute of Standards and Technology |
| OS | OS | Operating System |
| PCT | PCT | Pairwise Consistency Test |
| PKCS | PKCS | Public Key Cryptography Standard |
| PSS | PSS | Probabilistic Signature Scheme |
| RNG | RNG | Random Number Generator |
| RSA | RSA | Rivest, Shamir, and Adleman |
| SHA | SHA | Secure Hash Algorithm |
| SHS | SHS | Secure Hash Standard |
| SP | SP | Special Publication |
| TDES | TDES | Triple Data Encryption Standard |
November 25, 2025 Appendix A. Acronyms and Abbreviations Table 27 provides definitions for the acronyms and abbreviations used in this document. Table 27. Acronyms and Abbreviations NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
November 25, 2025 NetScaler Virtual Appliance 13.1.FIPS ©2025 Cloud Software Group
Prepared by: Corsec Security, Inc.
Fairfax, VA 22033 United States of America Phone: +1 703 267 6050 Email: info@corsec.com Web: www.corsec.com