What is FIPS?
Federal Information Processing Standard (FIPS) is a standard developed by the following two government bodies:
- The National Institute of Standards and Technology (NIST) in the United States
- The Communications Security Establishment (CSE) in Canada
FIPS standards are either recommended or mandated for use in federal-government-operated IT systems in the United States and Canada.
The FIPS 140-2 publication specifies which encryption algorithms and which hashing algorithms can be used and how encryption keys are to be generated and managed. Some hardware, software, and processes that contain the algorithms can be considered FIPS 140-2 certified, and other hardware, software, and processes that call the correct algorithms can be FIPS 140-2 compliant.
LogRhythm FIPS 140-2 Certification Statement
The LogRhythm FIPS Object Module for OpenSSL for the LogRhythm NextGen SIEM has achieved FIPS 140-2 Level 1 Certification by the NIST Cryptographic Module Validation Program (CMVP). The validation was completed July 17, 2019 and January 24, 2020 under Certificate #3493.
The LogRhythm SIEM v7.8 completed FIPS 140-2 testing by the Cryptographic and Security Testing Laboratory, Leidos, Inc., and the complete set of testing documentation was submitted to NIST. For more information on the status of LogRhythm SIEM 7.8 and its components, see the CMVP Modules in Process List.
LogRhythm Deployment Configurations Submitted for Level 1 FIPS 140-2 Certification
The LogRhythm SIEM v7.8 submission covers two specific deployment configurations: XM and DPAWC + DX.
XM Deployment Configuration
The XM deployment for FIPS 140-2 is a single-machine configuration that runs all LogRhythm services. There are no off-box communications to configure for FIPS mode.
For more details on the XM deployment configuration requirements, see Configure LogRhythm XM for FIPS Mode.
DPAWC + DX Deployment Configuration
The DPAWC + DX deployment for FIPS 140-2 is a two-machine configuration: a Red Hat Linux 7 machine that runs the Data Indexer (DX) services, and a Windows 2016 machine that runs all other LogRhythm services.