FIPS 140-2 accreditation validates that an encryption solution meets a specific set of requirements designed to protect the cryptographic module from being cracked, altered, or otherwise tampered with. When FIPS 140-2 mode is enabled, any secure communication to or from vRealize Operations 8.4 and above uses cryptographic algorithms or protocols that are allowed by the United States Federal Information Processing Standards (FIPS). FIPS mode turns on the cipher suites that comply with FIPS 140-2. Security related libraries that are shipped with vRealize Operations 8.4 and above are FIPS 140-2 certified. However, the FIPS 140-2 mode is not enabled by default. FIPS 140-2 mode can be enabled if there is a security compliance requirement to use FIPS certified cryptographic algorithms with the FIPS mode enabled.
Enable FIPS during the initial cluster deployment
- Ensure a new deployment of a vRealize Operations cluster.
- Ensure that the flag is appropriately used during the deployment of cluster nodes (OVF/OVA).
- Navigate to https://<VROPS IP>/admin/index.action.
- Login as an admin user.
- Take the cluster offline to activate the Administrator Settings page. button in the
- Open the Administrator Settings tab in the left panel.
- Click FIPS Setting section. under the
- Bring the cluster online.
Verify that FIPS mode is Enabled
- Navigate to https://<VROPS IP>/admin/index.action.
- Login as the admin user.
- Open the Administrator Settings tab from the left panel.
- A FIPS 140-2 Status message appears.