Page 5

FIPS 140-2 Security Policy

v0.5

Page 5 of 31

Introduction

This is a non-proprietary FIPS 140-2 Security Policy for Ceragon Networks, Ltd. And the

following Ceragon products: FibeAir® IP-20C, FibeAir® IP-20S, FibeAir® IP-20N,

FibeAir® IP-20A, FibeAir® IP-20G, and FibeAir® IP-20GX. Below are the details of the

product certified:

Hardware Version #: IP-20N, IP-20A, IP-20G, IP-20GX, IP-20C, IP-20S, IP-20-TCC-B-

MC+SD-AF: 24-T009-1|A, IP-20-TCC-B2+SD-AF: 24-T010-1|A, IP-20-TCC-B2-XG-MC+SD-

AF: 24-T011-1|A, IP-20-RMC-B-AF: 24-R010-0|A

Software Version #: CeraOS 8.3

FIPS 140-2 Security Level: 2

1.1

Purpose

This document was prepared as part of the Federal Information Processing Standard

(FIPS) 140-2 validation process. The document describes how FibeAir® IP-20C, FibeAir®

IP-20S, FibeAir® IP-20N, FibeAir® IP-20A, FibeAir® IP-20G, and FibeAir® IP-20GX meet

the security requirements of FIPS 140-2. It also provides instructions to individuals and

organizations on how to deploy the product in a secure FIPS-approved mode of operation.

The target audience of this document is anyone who wishes to use or integrate any of

these products into a solution that is meant to comply with FIPS 140-2 requirements.

1.2

Document Organization

The Security Policy document is one document in a FIPS 140-2 Submission Package. In

addition to this document, the Submission Package contains:

Vendor Evidence document

Finite State Machine

Other supporting documentation as additional references

This Security Policy and the other validation submission documentation were produced

by Acumen Security, under contract to Ceragon Networks, Ltd. With the exception of this

Non-Proprietary Security Policy, the FIPS 140-2 Submission Package is proprietary to

Ceragon Networks and is releasable only under appropriate non-disclosure agreements.

1.3

Notices

This document may be freely reproduced and distributed in its entirety without

modification.