Skip to main content

Aviz Networks Details FIPS Mode in Packet Broker 2.12

Aviz Networks’ Packet Broker 2.12 adds a FIPS mode that enforces FIPS 140-2 and FIPS 140-3 validated cryptographic behavior across control-plane services. For enterprise security and audit teams, the change centers on approved algorithms for SSH access and cryptographic negotiation.

Research Overview

The vendor update describes FIPS-compliant operation in Aviz Packet Broker 2.12, with enforcement of approved cryptographic standards across the platform. It frames the capability as relevant to environments where validated cryptographic enforcement is required.

The post ties the update to the cryptographic module requirements in FIPS 140-2 and FIPS 140-3. Those standards cover how cryptographic modules implement encryption, key exchange, and authentication.

Key Findings

Aviz Packet Broker 2.12 introduces a FIPS mode that enforces compliance across control-plane services. The update states that control-plane features inherit FIPS-compliant cryptographic behavior when FIPS mode is enabled.

The blog also states that secure management access via SSH adheres to approved standards under FIPS mode. It reports extensive validation focused on SSH access and cryptographic negotiation behavior.

Technical Breakdown

The update says FIPS mode uses FIPS-compliant cryptographic libraries for services enabled under validated cryptographic modules. It also describes how the system handles negotiation outcomes for algorithms and cipher suites.

According to the post, when FIPS mode is enabled the system rejects weak ciphers such as 3DES and RC4, and blocks non-compliant MAC algorithms including MD5 even when forced. It also reports that weak or legacy key exchange mechanisms are prevented, and only strong, approved cipher suites are offered and negotiated.

Operational Impact

The blog describes operational outcomes tied to FIPS-compliant enforcement, including support for regulatory and audit requirements. It also links the feature to secure management-plane access using validated cryptography.

It further states that organizations can eliminate exposure to weak cryptographic algorithms in control-plane interactions. The post says FIPS-compliant operation is available with Aviz Packet Broker 2.12.

Aviz Packet Broker 2.12 adds a FIPS mode that enforces FIPS 140-2 and FIPS 140-3 validated cryptographic behavior across control-plane services, with SSH access and negotiation rejecting specified weak algorithms. Blog Signals brief is a fact-based summary of the vendor blog.