FIPS certification update: EEPC v7.x and Core Cryptographic Module

Version 1

    Dear customers,

     

     

    McAfee Endpoint Encryption for PC's (EEPC) version 6.1 Patch 3 obtained FIPS certification for the cryptographic module, and links to those certificates can be found below. Every patch/version of EEPC since 6.1 Patch 3 can be installed in FIPS mode. When doing so it will install the FIPS certified cryptographic module from 6.1 Patch 3, not the cryptographic module from that version. The advantage for our customers who require FIPS certification is that they can upgrade to different patch/version levels of EEPC and still retain FIPS certification.

     

     

    As an example:

    • Installing EEPC v7.0 normally (non-FIPS mode) will install the v7.0 cryptographic module and users will benefit from all of the performance benefits introduced in v7.0.
    • Installing EEPC v7.0 in FIPS mode will install the v6.1 Patch 3 cryptographic module. Users will retain their FIPS certified status however they will not benefit from the performance enhancements in v7.0.

     

     

    While this is beneficial for EEPC customers it only covers the implementation on Windows, not OS/X. There are also other McAfee products which require FIPS certified encryption capabilities. To that end, we have decided that we will create a core cryptographic module which will be shared across multiple products. This new cryptographic module will contain all of the performance improvements from EEPC v7.0 and will first be used in EEPC v7.1.

     

     

    We are very pleased to announce that McAfee Core Cryptographic Module (user) and McAfee Core Cryptographic Module (kernel) FIPS 140-2 cryptographic modules have entered into Block 1 of the validation process and is now officially listed as “Implementation Under Test (IUT)” on the NIST website. We are expecting to complete these validations in Q4 2013. These cryptographic modules are being validated at FIPS 140-2 Level 1 and are common crypto modules for usage across both McAfee Endpoint Encryption for PC (Windows and OS/X) and McAfee Endpoint Encryption for Files and Folders.

     

     

    This milestone better positions the McAfee Endpoint Encryption products for sale to federal, state, and local governments. It also shows McAfee’s continued commitment to providing customers with world-class products that have been carefully evaluated for safety, security, and reliability.

     

     

    Links:

     

     

    Best regards

     

     

    Anthony Merry

    Group Product Manager

    McAfee Endpoint Encryption