vRealize Network Insight Cloud is pre-configured and hardened to use FIPS 140-2 validated cryptographic modules to run in FIPS compliant mode out of the box. The modules are validated to FIPS 140-2 standards by the NIST Cryptographic Module Validation Program (CMVP).

vRealize Network Insight Cloud usages the following validated modules:

FIPS Object Module Version Certificate
VMware OpenSSL 1.0.2y Certificate #3622
VMware's OpenSSL 2.0.20-vmw Certificate #3875
BC-FJA (Bouncy Castle FIPS Java API) version 1.0.2.1 Certificate #3673

You can find more information about the cryptographic modules that VMware has validated against the FIPS 140-2 standard here: https://www.vmware.com/security/certifications/fips.html.

Configure FIPS compliant Mode for Internal Connections

In vRealize Network Insight Cloud, the FIPS compliant mode is activated by default for all internal communications.

Configure FIPS Compliance Mode for External Connections

For external communication with data sources such as switches, VMware vCenter, VMware NSX, and so on, configured on customer Collector, the FIPS compliant mode is deactivated.

To activate FIPS compliant mode for such external connections, do the following:

  1. Go to Settings > System Configuration.
  2. Set the value for FIPS Mode For External Connections to Enable.
Note: Before you activate FIPS Mode For External Connections, you must ensure that all external services to which vRealize Network Insight Cloud connects must adhere to FIPS 140-2 standards.