The selective application of technological and related procedural safeguards is an important responsibility of every Federal organization in. FIPS (Federal Information Processing Standard) is the benchmark for validating the effectiveness of cryptographic hardware. If a product has a FIPS You need to know if Symantec Endpoint Encryption(SEE) and/or Guardian Edge Hard Drive (GEHD) encryption is a validated FIPS and/or
|Country:||Sao Tome and Principe|
|Published (Last):||4 December 2015|
|PDF File Size:||13.39 Mb|
|ePub File Size:||2.19 Mb|
|Price:||Free* [*Free Regsitration Required]|
What is FIPS and
The Government of Canada also recommends the use of FIPS validated cryptographic modules in unclassified applications of its departments. Darren Moffat, Oracle Solaris. Please help improve this article by adding citations to reliable sources. FIPS does not purport to provide sufficient conditions to guarantee that a module conforming to its requirements is secure, still less that a system built using such modules is secure.
Retrieved from ” https: This article relies too much on references to primary sources.
Home Questions Tags Users Unanswered.
Please improve this by adding secondary or tertiary sources. Views Read Edit View history.
Is Symantec Endpoint Encryption a validated FIPS 140-1 and FIPS 140-2 Cryptographic Module?
I tried googling for this info but it’s not easily available because FIPS is now fipps old. Articles lacking in-text citations from July All articles lacking in-text citations Articles needing additional references from August All articles needing additional references Articles lacking reliable references from January All articles lacking reliable references Articles with multiple maintenance issues Articles containing potentially dated statements from December All articles containing potentially dated statements.
FIPS is a new version of the standard which is currently under development. If a product contains countermeasures against these attacks, they must be documented and tested, but protections are not required to achieve a given level. For Levels 2 and higher, the operating platform upon which the validation is applicable is also listed.
Vendors do not always maintain their baseline validations. The National Institute of Standards and Technology NIST issues the Publication Series to coordinate the requirements and standards for cryptographic modules which include both hardware and software components for 1140-1 by departments and agencies of the United States federal government. Sign up or log in Sign up using Google.
FIPSissued on 11 Januarywas developed by a government and industry working group, composed of vendors and users of cryptographic equipment.
The requirements cover not only the cryptographic modules themselves but also their documentation and at the highest security level some aspects of the comments contained in the source code. Please help improve it or discuss these fip on the talk page.
This article needs additional citations for verification. You can no longer have a product validated under FIPSbecause it is no longer a current standard.
Email Required, but never shown.
Is Symantec Endpoint Encryption a validated FIPS and FIPS Cryptographic Module?
July Learn how and when to remove this template message. This page was last edited on 12 Marchat In addition to the specified levels, Section 4. Due to dips way in which the validation process is set up, 1400-1 software vendor is required to re-validate their FIPSvalidated module for every change, no matter how small, to the software; this re-validation is required even for obvious bug or security fixes. Since validation is an expensive process, this gives software vendors an incentive to postpone changes to their software and can result in software that does not receive security updates until the next validation.
August Learn how and when to remove this template message. The -1 or -2 part is a version number. Sign up using Facebook.
January Learn how and when to remove this template message. FIPSissued on 410-1 Maytakes account of changes in available technology and official standards sinceand of comments received from the vendor, tester, and user communities. Please help to improve this article by introducing more precise citations. The draft issued on 11 Sephowever, reverted to four security levels and limits the security levels of software to levels 1 and 2.
This article includes a list of referencesbut its sources remain unclear because it has insufficient inline citations. Learn how and when to remove these template messages. This article has multiple issues.