Recent Content
FIPS 140-2 Product Status
FIPS 140-2 Federal Information Processing Standard 140-2 (FIPS 140-2) validation is important to any vendor selling cryptography to the Federal market space. If your IT product utilizes any form of encryption, it will likely require validation against the FIPS 140-2 criteria by the Cryptographic Module Validation Program (CMVP) run jointly by the National Institute of Standards and Technology (NIST), in the United States and Communications Security Establishment (CSE) in Canada before it can be sold and installed in a Federal agency or DoD facility. FIPS 140-2 describes US Federal government requirements that IT products should meet for Sensitive, but Unclassified (SBU) use. The standard was published by the NIST, has been adopted by the CSE, and is jointly administered by these bodies under the umbrella of the CMVP. The standard defines the security requirements that must be satisfied by a cryptographic module used in a security system protecting unclassified information within IT systems. There are four levels of security: from Level 1 (lowest) to Level 4 (highest). These levels are intended to cover the wide range of potential applications and environments in which cryptographic modules may be deployed. The security requirements cover areas related to the secure design and implementation of a cryptographic module. These areas include basic design and documentation, module interfaces, authorized roles and services, physical security, software security, operating system security, key management, cryptographic algorithms, electromagnetic interference/electromagnetic compatibility (EMI/EMC), and self-testing. Please refer here for additional information regarding FIPS 140-2 requirements, including NIST links. Veritas Validated Products List Listed below are the Veritas products with a status as to whether a listed product is: FIPS 140-2 validated Product uses an existing encryption module (Veritas or 3rd party) and has gone through a "private label" validation process Compliant Product uses an existing validated 3rd party module, but has not explicitly obtained a private validation from NIST N/A Product does not contain an encryption module Not at this time Product has an encryption module but is not FIPS 140-2 validated at this time This snapshot in time below involves an in flux product line so there are no guarantees as to accuracy, but we try to keep this updated with the current status/FIPS 140-2 status per products. Veritas does not certify that all its software and hardware products, services or appliance solutions are compliant or validated per FIPS 140-2 requirements. For questions regarding FIPS 140-2 statuses/content herein or to note an updated FIPS product status, please contact xyz@veritas.com. VERITAS PRODUCT NAME STATUS HAS ENCRYPTION MODULE ENCRYPTION MODULE TYPE APPLICATIONHA 6.1 Not at this time Yes OpenSSL BACKUP EXEC 2014 FIPS Compliant Yes OpenSSL version 0.9.8y CLEARWELL Not at this time Yes MS CAPI (Microsoft Crypto API) CLUSTER SERVER 6.1 S64 LINUX FIPS Validated Yes OpenSSL CLUSTER SERVER 6.1 UNIX FIPS Validated Yes OpenSSL CLUSTER SERVER 6.1 WINDOWS Not at this time Yes OpenSSL CLUSTER SERVER HA/DR 6.1 S64 LINUX FIPS Validated Yes OpenSSL CLUSTER SERVER HA/DR 6.1 UNIX FIPS Validated Yes OpenSSL CLUSTER SERVER HA/DR 6.1 WINDOWS Not at this time Yes OpenSSL DATA INSIGHT 4.5 Not at this time Yes DISASTER RECOVERY ADVISOR 6.3 N/A No Veritas does not own source code ENTERPRISE VAULT 11.0 FIPS Validated Yes Veritas Enterprise Vault Cryptographic Module (Software Version: 1.0) NETBACKUP 7.6 BIOMNI FRONT OFFICE COMPLETE Not at this time Yes NETBACKUP 7.6 CROSS PLATFORM In Progress Yes OpenSSL 1.0.1 NETBACKUP 7.6 UNIX In Progress Yes OpenSSL 1.0.1 NETBACKUP 7.6 WIN/LNX/SOL X64 In Progress Yes OpenSSL 1.0.1 STORAGE FOUNDATION 6.1 S64 LINUX N/A No SF uses the PureDisk’s (PDDE) SDK which internally uses OPENSSL STORAGE FOUNDATION 6.1 UNIX N/A No SF uses the PureDisk’s (PDDE) SDK which internally uses OPENSSL STORAGE FOUNDATION HA 6.1 S64 LINUX N/A No SF uses the PureDisk’s (PDDE) SDK which internally uses OPENSSL STORAGE FOUNDATION HA 6.1 UNIX N/A No SF uses the PureDisk’s (PDDE) SDK which internally uses OPENSSL STORAGE FOUNDATION HA/DR 6.1 S64 LINUX N/A No SF uses the PureDisk’s (PDDE) SDK which internally uses OPENSSL STORAGE FOUNDATION HA/DR 6.1 UNIX N/A No SF uses the PureDisk’s (PDDE) SDK which internally uses OPENSSL Return to Global Certification Management Program Office. Return to the Customer Trust Portal.3likes1CommentHow to use Symantec Scan Engine 5.2 content scanning technologies for direct integration with your applications or devices
One of the "best hidden secrets" in Symantes's portfolio is likely the Symantec Scan Engine. This product emerged many years ago from our integration work with large Internet carriers to provide a high-scalable, high-performance antivirus scan engine, that was easy to integrate into any kind of third party application and devices.How to Create a Video
No matter what type of content you want to post on Symantec Connect, you use the Create Content feature and complete the same basic steps. For some types of content—such as videos—you must complete a few extra steps, but as you will see, the intuitive Symantec Connect interface guides you through the process.0likes1CommentFederal Service for Technical and Export Control (FSTEK)
The Federal Service for Technical and Export Control (FSTEK) certification is required in order to sell information security systems in Russia. The regulations covering these requirements were introduced by the Russian government in July 2011. The Russian government introduced these requirements to ensure that establishments handling personal/confidential/government data are compliant with data security norms and regulations (FZ 152). The regulations detail the security requirements with which information security systems which process personal/confidential/government data need to comply. Compliance with the requirements is affirmed by a certificate granted by the Russian Government (Order of FSTEC #17, #31 and #21). For additional information, please refer to: http://fstec.ru/tekhnicheskaya-zashchita-informatsii/dokumenty-po-sertifikatsii/153-sistema-sertifikatsii/591-gosudarstvennyj-reestr-sertifitsirovannykh-sredstv-zashchity-informatsii-n-ross-ru-0001-01bi00 Veritas Product FSTEK Certificates Backup Exec 2012 TU + NDF NetBackup 7 TU + NDF Return to Global Certification Management Program Office. Return to the Customer Trust Portal.1like0CommentsFederal Identity, Credential and Access Management - FICAM
Federal Identity, Credential and Access Management (FICAM) Trust Framework Solutions (TFS) The FICAM TFS (http://idmanagement.gov/trust-framework-solutions)is the federated identity framework for the U.S. Federal Government. It includes guidance, processes, and supporting infrastructure to enable secure and streamlined citizen and business facing online service delivery. The following Norton Secure Login (NSL) and Managed Public Key Infrastructure (MPKI) certification packages are applicable to the FICAM program run by GSA. Refer to http://idmanagement.gov/approved-identity-servicesfor a list of approved identity providers. Voluntary Product Accessibility Template - NSL Authority to Offer Services for FICAM TFS Approved Identity Services MPKI Security Accreditation Decision Letter(Valid until July 2016) For additional information, please contact Adam_Madlin@symantec.com. Return to Global Certification Management Program Office. Return to the Customer Trust Portal.0likes0CommentsGlobal Certification Management Program Office
Symantec's Global Certification Management Program Office As part of the Symantec CTO Organization/Security Technology and Response (STaR) Department,a key responsibility is to oversee, maintain, and enhance through best practices employed our Symantec centralized certification management program globally. Our global staff of certification professionals actively promotes awareness of global certification best practices and provides overarching guidance and support to our product teams to walk them through the necessary business and technical channels to obtaining and maintaining Symantec product certifications. Please emailcertification supportfor further assistance. Veritas Certifications Federal Information Processing Standard Publication 140-2 (FIPS 140-2) Federal Service for Technical and Export Control (FSTEK) UK Cyber Essentials Return to the Customer Trust Portal0likes0Comments