What is FIPS?
Federal Information Processing Standard (FIPS) is a standard developed by the following two government bodies:
- The National Institute of Standards and Technology (NIST) in the United States
- The Communications Security Establishment (CSE) in Canada
FIPS standards are either recommended or mandated for use in federal-government-operated IT systems in the United States and Canada.
The FIPS 140-2 publication specifies which encryption algorithms and which hashing algorithms can be used and how encryption keys are to be generated and managed. Some hardware, software, and processes that contain the algorithms can be considered FIPS 140-2 certified, and other hardware, software, and processes that call the correct algorithms can be FIPS 140-2 compliant.
LogRhythm FIPS 140-2 Validated Modules
The following LogRhythm SIEM modules have been validated as conforming to FIPS 140-2:
|Module Name||Certificate Number||Status||Validation Date|
|LogRhythm 7.8.0 Data Processor||4275||Active||August 8, 2022|
|LogRhythm 7.8.0 Console||4288||Active||August 31, 2022|
|LogRhythm 7.8.0 Platform Manager||4289||Active||August 31, 2022|
|LogRhythm 7.8.0 System Monitor Agent||4290||Active||August 31, 2022|
|LogRhythm 7.8.0 AI Engine Server||4300||Active||September 12, 2022|
|LogRhythm Data Indexer (Linux)1||In Process||Coordination||Pending|
|LogRhythm FIPS Object Module for OpenSSL||3493||Historical||January 24, 2020|
1For more information on the status of LogRhythm Data Indexer, see the CMVP Modules in Process List.
LogRhythm Deployment Configurations Submitted for Level 1 FIPS 140-2 Certification
The LogRhythm SIEM 7.8.0 validated modules cover two specific deployment configurations: XM and DPAWC + DX.
XM Deployment Configuration
The XM deployment for FIPS 140-2 is a single-machine configuration that runs all LogRhythm services. There are no off-box communications to configure for FIPS mode.
For more details on the XM deployment configuration requirements, see Configure LogRhythm XM for FIPS Mode.
DPAWC + DX Deployment Configuration
The DPAWC + DX deployment for FIPS 140-2 is a two-machine configuration: a Red Hat Linux 7 machine that runs the Data Indexer (DX) services, and a Windows 2016 machine that runs all other LogRhythm services.