Federal Information Processing Standards

A description of the use of Federal Information Processing Standards in the Nozomi Networks software.

You can configure the Nozomi Networks Operating System (N2OS) software to use the FIPS-140-2 approved cryptography module. The National Institute of Standards and Technology (NIST) develops Federal Information Processing Standards (FIPS) for non-military American government agencies, and government contractors, to use in computer systems.

The FIPS-140 series specifies requirements for cryptography modules within a security system to protect sensitive, but unclassified, data.

To enable FIPS mode, you must install a FIPS-enabled license. To obtain a license, refer to your Nozomi Networks representative.

Important:
To enable FIPS mode, you must be running version N2OS 22.2.1 or later.
Important:
You can only connect FIPS products to other FIPS products. The use of mixed environments is not allowed.
Important:
Enabling FIPS mode:
  • If you are running a version of N2OS that is between 22.2.1 and 23.1.0, you will need a valid FIPS license for both Guardians and Central Management Console (CMC)s
  • Beginning with version 23.1.0 or later, FIPS mode can be enabled on Guardians without a license, but packet sniffing will be disabled until a valid license is activated
  • The order of enabling FIPS on either device does not affect functionality
  • You need a FIPS license for CMCs and Remote Collectors. Upstream sensors will manage these licenses