You can configure VMware Aria Operations for Logs to ensure FIPS (Federal Information Processing Standards) compliance for better security. This set of standards describes document processing, encryption algorithms, and other information technology standards for use within United States' non-military government agencies and by government contractors and vendors who work with the agencies. When you activate FIPS, VMware Aria Operations for Logs uses the FIPS 140-2 standard with Security Level 1, which specifies basic security requirements to protect sensitive or valuable data.

For information about how different VMware products support FIPS 140-2, see https://www.vmware.com/security/certifications/fips.html.

VMware Aria Operations for Logs uses Apache Thrift for node-to-node communication. Activating FIPS automatically enables Thrift over SSL, which makes this communication more secure. However, you can also enable Thrift over SSL without activating FIPS. For more information, see https://kb.vmware.com/s/article/82299.

Prerequisites

Verify that you are logged in to the VMware Aria Operations for Logs web user interface as a Super Admin user, or a user associated with a role that has the relevant permissions. See Create and Modify Roles for more information. The URL format of the web user interface is https://operations-for-logs-host, where operations-for-logs-host is the IP address or host name of the VMware Aria Operations for Logs virtual appliance.

Procedure

  1. Expand the main menu and navigate to Configuration > General.
  2. In the FIPS Mode pane, click the Activate FIPS Mode toggle button to activate FIPS.
    Caution: Once you activate FIPS, you cannot deactivate it.
  3. Click Save.

Results

When you save the FIPS configuration, all the nodes are rebooted. You have to wait for a few minutes before you can use VMware Aria Operations for Logs again.