FIPS 140-2

Your system supports the Federal Information Processing Standard 140-2 (FIPS 140-2). FIPS 140-2 is a standard published by the National Institute of Standards and Technology (NIST) and is used to accredit cryptographic modules in software components. The US Federal government requires that all IT products dealing with Sensitive but Unclassified (SBU) information meet these standards.

If your system needs to be FIPS 140-2 compliant, you can enable FIPS. Once you do so, the system uses the cryptographic algorithms defined by NIST for FIPS 140-2 for all encrypted communication between its internal and external components.

Note: Do not perform any FIPS-related activity on the appliance while a FIPS mode change is in progress.

To be fully FIPS 140-2 compliant, all components that work together need to be in FIPS mode. For example, when you enable FIPS on ArcSight Management Center, the appliance becomes FIPS enabled and meets the standards for cryptographic algorithms defined by NIST. However, containers must also have FIPS enabled.

Note: In ArcSight Management Center, enabling FIPS mode will disable the ability to regenerate a self-signed certificate.

To enable or disable FIPS mode:

  1. Click Administration > Setup > System Admin from the top-level menu bar.

  2. Click FIPS 140-2 in the Security section in the left panel.

  3. Click Enable or Disable for the Select FIPS Mode option.

  4. Click Save.

  5. When the Application Reboot Required message displays, restart your system. Click the System Reboot link.

  6. Check that the appropriate CA certificates are present in the trust store so that connectors can validate their destinations (ArcSight ESM or ArcSight Management Center) successfully. If the appropriate CA certificates are not in the trust store, you need to add them. For information on viewing and adding certificates, see Sending a Command to a Container.