Optrics Call Answer Guarantee

Direct: 1-780-430-6240

If you have any questions, call us during regular business hours, and you will always speak with a person.
Monday to Friday, 8am - 5pm MST

FIPS Information

What is FIPS 140-2 Validation?

FIPS 140-2 is a standard first published in 2001 by the U. S. National Institute of Standards and Technology (NIST), a non-regulatory agency of the U. S. Department of Commerce.

Read the FIPS 140-2 WhitePaper

NIST works to establish various standards that the U.S. military and various government agencies must abide by. Vendors, contractors, and any organization working with government or military must comply with FIPS as well.

Why is FIPS Validation Important?

Many solutions claim to be "FIPS compliant." This phrase is simply a claim that the solution aligns with FIPS requirements. However, to truly comply with FIPS, a solution needs to be FIPS validated. FIPS validation involves submitting detailed documentation and source code to NIST's testing laboratories - a process that takes six to nine months on average. Consequently, creating FIPS-validated solutions not only involves using approved algorithms, but also providing software that is well documented, well engineered, and is easily testable.

What Types of Organizations Require FIPS?

Federal and state government agencies that deal with citizens' private information are frequently required to abide by FIPS. Also, the military and its vendors must also comply to protect sensitive national-security information. Other examples typically include organizations that require high levels of privacy, including financial institutions, information-processing vendors, healthcare-related vendors, educational institutions, and utilities.

However, the FIPS standard is still relevant to companies that may not be required to comply with government encryption regulations. The FIPS standard is appropriate for just about any organization that wishes to transfer files securely, safeguard business data, and protect its most critical information.

FIPS-Certified Protocols and Ciphers

As part of its FIPS solution, Ipswitch's WS_FTP FIPS Mode supports Triple DES, 256-bit AES, SHA 1, SHA 256, and SHA 512 for encryption, and HMAC SHA 1 for message authentication.

Ipswitch's MOVEit FIPS Mode supports 256-bit AES, SHA 1 for encryption, and HMAC SHA 1 for message authentication.

The following explains our FIPS solutions' algorithms, FIPS certificates, and transport details.

Algorithms and Certificates

MOVEit DMZ and MOVEit Central are certified by FIPS 140-2 under certificate 310. WS_FTP Server is certified by FIPS 140-2, certificate 918 (under Open SSL).

Algorithm Name	Standard	Ipswitch Application	NIST Certificate
Triple DES	SP800-67	WS_FTP Server	613
256-bit AES	FIPS 197	WS_FTP Server	668
256-bit AES	FIPS 197	MOVEit	30
SHA 1	FIPS 186-2	WS_FTP Server	352
SHA 1	FIPS 186-2	MOVEit	124
SHA 256 SHA 512	FIPS 186-2	WS_FTP Server	352
HMAC SHA 1	FIPS 198	WS_FTP Server	352
HMAC SHA 1	FIPS 198	MOVEit	124

Back to features...>>

0 Items In Cart
Total: $0.00
>> Checkout Now

WS_Ping ProPack

IMail Server

Ipswitch Collaboration Suite

Ipswitch Instant Messaging

WS_FTP Home

WS_FTP Pro

WS_FTP Server

Account Information:



Home


Search


Sign In


My Account


Checkout

Home

Products

My Account

Shopping Cart

Site Map

Email Us:
info@Ipswitch.ca

This site is
monitored by
WhatsUp Gold

Canada
6810 - 104 St.
Edmonton, AB, Canada
T6H 2L6
Fax: 780-432-5630
Toll Free: 1-877-463-7638
Direct: 1-780-430-6240

U.S.A.
1740 S 300 West #10
Clearfield, UT, U.S.A.
84015-3575
Fax: 801-705-3150
Toll Free: 1-877-386-3763
Direct: 1-780-430-6240

IPSWITCH.CA is a subsidiary of Optrics Inc., an Ipswitch Premier Partner. Optrics specializes in IT and network-related software & hardware solutions.
View our Privacy Policy.

All Registered Trademarks on this site are the property of the respective owners.
Copyright 2012 IPSWITCH.CA^TM
www.Optrics.com