App Control Common Criteria Certification / FIPS 140-2 Certifications
search cancel

App Control Common Criteria Certification / FIPS 140-2 Certifications

book

Article ID: 290507

calendar_today

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

Information on Common Criteria/FIPS 140-2 and how to enable FIPS 140-2 support for App Control.

Environment

  • App Control Server: All Supported Versions
  • App Control Agent: All Supported Versions

Resolution

Common Criteria Certification:

The Target of Evaluation for App Control included the following Server software and Agent software components:

  • App Control Server and Console version 8.8.2
  • App Control Agent for Windows version 8.7.2
  • App Control Agent for Linux version 8.7.6

The full report, certification and latest Maintenance Assurance can be accessed via the NIAP site.

 

FIPS Compliant:

The App Control Agent & Server both are FIPS compliant, and will rely on the underlying Operating System (Windows, Linux, macOS) to meet & provide the FIPS functionality. This allows App Control to be deployed by federal agencies (including contracted service providers and other organizations) requiring stringent security standards to protect sensitive information.

Enabling FIPS Mode:

  1. Verify the operating system being used supports FIPS 140.
    Note: Enabling FIPS in the Operating System may require opening a ticket with that vendor, as doing so is outside the scope of Carbon Black Support.
  2. Use the dascli or b9cli to issue the status command and verify FIPS mode in the Client Information section, example:
    Client Information
      Client:            SERVER (DOMAIN\HOSTNAME)
      MAC Address:       01:23:45:67:89:AA
      FIPS Mode:         System Enabled,Agent Enabled

Additional Information

  • FIPS is not currently supported by the macOS Agent.