Intel Xeon Silver 4114
Services Within the Logical Crypto Boundary
- LogRhythm Core Services
- LogRhythm Administration
- LogRhythm Web Console Services
- LogRhythm AIE Services
- LogRhythm API Services
- LogRhythm DX Services
- API Gateway
- Service Registry
- Notification Service
- TIS Client
- SQL Service
- Windows Authentication Service
- Create Windows service accounts for the LogRhythm core services. This is required when running in FIPS-approved mode. For more information, see Configure User Access Control for FIPS Mode.
Configure the Windows OS for FIPS Mode
Configuring Windows for FIPS mode ensures all .NET services and SQL server uses only FIPS-approved encryption algorithms.
- Log on to Windows as a Windows system administrator.
- Click Start, Control Panel, and Administrative Tools.
- Click Local Security Policy.
- The Local Security Settings window appears.
- In the navigation pane, click Local Policies, and then click Security Options.
- In the right-side pane, double-click System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing.
- In the dialog box that appears, click Enabled, and then click Apply.
- Click OK.
- Close the Local Security Settings window.
- Restart the computer for the change to take affect.
Download and Install the LogRhythm FIPS Package
Download the LogRhythm FIPS package (lrdpawc_fips.zip), available on the LogRhythm Community.
The package consists of several applications that are required for running the LogRhythm in FIPS mode.
- Create the directory C:\Program Files\LogRhythm\LogRhythm FIPS.
- Unzip the contents of lrdpawc_fips.zip into that directory.
The package contains:
- LogRhythm FIPS SIT application and .hsh file – lrsitapp.exe and dxsvcs.hsh
- OpenSSL 1.0.2u with FIPS Module 2.0.16 - libeay32.dll and ssleay32.dll. Used by lrsitapp.exe.
Restart all the LogRhythm services and the SQL server service.
Each LogRhythm service will indicate it is operating in FIPS-approved mode in its respective application log.