search cancel

DBMS must use NSA-approved cryptography

book

Article ID: 237970

calendar_today

Updated On:

Products

CA Performance Management - Usage and Administration DX NetOps

Issue/Introduction

The DBMS must use NSA-approved cryptography to protect classified information in accordance with the data owner's requirements.  Assuming FIPS 140-2 as the data owners requirements.

https://stigviewer.com/stig/database_security_requirements_guide/2015-06-23/finding/V-58157

 

Environment

Dx NetOps Performance Management 21.2.6+

Resolution

We do try and use high encryption algorithms like AES, SHA2 when we can.  21.2.6 moved to use AES for CADefaultCookie and SNMP profile sync.  So FIPSMode is always on now for 21.2.6+.

We use either AES or SHA2 for most, if not all, password storage controlled by us.