FIPS compliant algorithms

flavor4real · Post by **flavor4real** » Nov 08, 2012 3:09 pm this post

Hello,
does Veeam 6.0 utilize FIPS compliant algorithms?

thanks,

Post by **foggy** » Nov 08, 2012 3:35 pm this post

If you are talking about web UI (Enterprise Manager), then yes, it became FIPS compliant starting right from v6. And we haven't received any FIPS-related issues reports after its release.

Post by **Gostev** » Nov 08, 2012 6:15 pm this post

All encryption algorithms we are using throughout all components of our product are FIPS compliant.

brupnick · Post by **brupnick** » Nov 08, 2012 7:29 pm this post

Gostev, is this new as of 6.5? I know that there were FIPS issues with 6.1.

Post by **Gostev** » Nov 08, 2012 8:13 pm this post

I have not heard of any FIPS-related issues since we addressed the last one in 6.0

brupnick · Post by **brupnick** » Nov 08, 2012 8:16 pm this post

I only ask because I ran into some FIPS issues with VBR 6.1. See Veeam legacy ticket 5219644.

Post by **Gostev** » Nov 08, 2012 8:23 pm this post

From the support case, I see that you were getting the following error:

Code: Select all

This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.

The fact that implementation of something is not a part of Windows Platform does not automatically render it non-compliant

lots of pieces of our product (everything that has to deal with Linux) are not a part of Windows Platform... however, all encryption algorithms we are using are still FIPS-compliant. We had to do research this a couple of years ago and look at every encryption algorithm we are using from this standpoint.

brupnick · Post by **brupnick** » Nov 08, 2012 8:29 pm this post

This might just be an issue of semantics, but seeing as how VBR is required to run on Windows, if the solution is to set "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing" to disabled, then I interpret this as VBR not being FIPS compliant (otherwise, why would I have to disable this?).

Nov 08, 2012 8:33 pm

You make a valid point too. But, you will only get this error when using Multi-OS FLR wizard, due to its reliance on Linux appliance - that's the point I was trying to make. All product's functionality that runs on Windows solely will not throw this message. Outside Windows, we do use encryption algorithms which are not "Windows Platform FIPS validated", but are still FIPS-compliant.

brupnick · Post by **brupnick** » Nov 08, 2012 8:36 pm this post

That makes complete sense. Thank you, as always, for the clarification.

R&D Forums

FIPS compliant algorithms

Re: FIPS compliant algorithms

Re: FIPS compliant algorithms

Re: FIPS compliant algorithms

Re: FIPS compliant algorithms

Re: FIPS compliant algorithms

Re: FIPS compliant algorithms

Re: FIPS compliant algorithms

Re: FIPS compliant algorithms

Re: FIPS compliant algorithms

Who is online