FIPS (Federal Information Processing Standards) compliance comprises a set of standards developed by the US government, aimed at ensuring the security of sensitive and non-sensitive government data in computer systems and networks. Compliance with these standards is mandatory for all US federal agencies and contractors that handle sensitive information. The primary goal is to ensure that federal agencies and private organizations working with the government implement secure cryptographic methods and Key Management Systems (KMS) to safeguard sensitive data.
The National Institute of Standards and Technology recommends specific encryption and key generation techniques that a tool must adhere to for FIPS compliance. The modules conforming to FIPS 140-2 are recognized and widely used by Federal Agencies in both the U.S. and Canada to protect sensitive information.
Now, you can run OpManager in FIPS compliant mode, aligning with the standards set by the US government. Enabling FIPS mode in OpManager ensures that it becomes FIPS 140-2 compliant and operates using only FIPS-approved algorithms.
To achieve FIPS compliance for your entire environment or organization, you need to meet the following criteria:
Fresh Installation: FIPS mode can only be enabled during a fresh installation setup. We highly recommend enabling FIPS mode during the initial installation rather than upgrading OpManager.
FIPS Compliant OS: Install OpManager on a device with a FIPS compliant operating system to ensure compatibility with FIPS requirements.
SNMP v3 Credentials: As only SNMP v3 credentials are FIPS compliant, it's essential to change all SNMP credentials to SNMP v3.
Mail Server Compatibility: Ensure that your User's Mail server version is compatible with TLSv1.2 or TLSv1.3, as these versions will be supported in FIPS mode.
FIPS-Compliant Authentication and Privacy Methods: All authentication and privacy methods used in the FIPS compliant environment should adhere to FIPS 140-2 standards.
Enabling FIPS mode in OpManager ensures that, only secure and FIPS-compliant algorithms, which align with the security requirements outlined in the FIPS standards are utilized in cryptographic operations.
To enable FIPS Mode, follow these steps:
Note:
Enabling FIPS mode in OpManager brings about several significant changes to enhance security and ensure compliance with FIPS guidelines:
By enabling FIPS mode, OpManager ensures heightened security, compliance with industry standards, and protection against potential vulnerabilities that may arise from weak cryptographic protocols and algorithms. It provides a robust framework to safeguard data communication and integrations within the system while adhering to the strict FIPS guidelines.