Is the Symantec Endpoint Encryption 11.X cryptographic module (Symantec PGP Cryptographic Engine version 4.3) a validated FIPS 140-2 cryptographic module?
Yes, the Symantec PGP Cryptographic Engine version 4.3 is a validated FIPS 140-2 cryptographic module.
Note: Symantec Endpoint Encryption 11 FIPS validation is set to sunset in June 2020. As re-validation is needed, Symantec Enterprise Division is currently awaiting NIST to complete the validation process. A public URL is available to check that this validation is taking place:
For more details on this, please contact Symantec Enterprise Division support.
FIPS 140 details
The Cryptographic Module Validation Program webpage http://csrc.nist.gov/groups/STM/cmvp/index.html has the following description of the importance of FIPS 140-2 to US federal agencies:
FIPS 140-2 precludes the use of unvalidated cryptography for the cryptographic protection of sensitive or valuable data within Federal systems. Unvalidated cryptography is viewed by NIST as providing no protection to the information or data - in effect the data would be considered unprotected plaintext. If the agency specifies that the information or data be cryptographically protected, then FIPS 140-2 is applicable. In essence, if cryptography is required, then it must be validated.
The FIPS 140 validation certificate 2377, for Symantec PGP Cryptographic Engine, is posted on the Cryptographic Module Validation Program website at: http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401val2015.htm#2377
To check which Cryptographic engine you are using with Symantec Endpoint Encryption, right-click the "PGPce.dll" file in the "c:\Program Files\Symantec\Endpoint Encryption Clients\Drive Encryption" folder, and click the "Details" tab to check the "File Version" value. If the value is 4.3 as mentioned above, the client is covered by FIPS validation. The SEE client is always running with the FIPS validated module.
For Symantec Endpoint Encryption 8.2.1 and FIPS validation information, see article HOWTO101701.
For Symantec Encryption Desktop 10.x and Symantec Encryption Management Server 3.x and FIPS validation information, see article https://knowledge.broadcom.com/external/article?articleId=178330.