Configure LogRhythm DPAWC + DX for FIPS Mode
The DPAWC + DX deployment configuration is a two-machine deployment. The communications between the two machines must be configured for FIPS mode.
The DPAWC Appliance includes the Data Processor, Platform Manager, AIE, and Web Console. The DX Appliance runs the Data Indexer.
The DPAWC Appliance runs all LogRhythm services on a single Windows Server machine, except for the Data Indexer (DX) services. The DX services run on one RHEL or Rocky machine. Stunnel is used to encrypt the communications between the DPAWC and DX nodes using FIPS-approved algorithms. Note that these communications are already strongly encrypted; however, the implementation of the algorithms have not been formally FIPS 140-2 certified. For more information on the status of LogRhythm SIEM 7.8 and its components, see the CMVP Modules in Process List.
DPAWC System Requirements
Operating System
Minimum Certified Version - Windows Server 2016
Compatible Versions - Windows Server 2019 or 2022
Processor
Minimum Certified - Intel Xeon Gold 6136
Compatible - Intel or AMD CPUs which meet or exceed application performance requirements
Services Within the Logical Crypto Boundary
- LogRhythm Core Services
- LogRhythm Administration
- LogRhythm Web Console Services
- LogRhythm AIE Services
- LogRhythm API Services
- API Gateway
- Service Registry
- Notification Service
- TIS Client
- SQL Service
- Windows Authentication Service
DX System Requirements
Operating System
Minimum Certified Version - RHEL 7
Compatible Versions - RHEL 9.x or Rocky 9.x
Processor
Minimum Certified - Intel Xeon Gold 6136
Compatible - Intel or AMD CPUs which meet or exceed application performance requirements
Services Within the Logical Crypto Boundary
- LogRhythm DX Services
- API Gateway
- Service Registry