Rope Those Unsecured Filer Snapshot Dogies with NetBackup's 10.3+ FIPS-Compliant NBSM
Starting with release 10.3, NetBackup service manager (NBSM) used in dynamic network attached storage (NAS) snapshot protection is now Federal Information Processing Standards (FIPS) compliant. NBSM manages snapshot orchestration between NetBackup and many storage targets. FIPS is a set of security standards by the U.S. Department of Commerce National Institute of Standards and Technology (NIST.)
NBSM can run in FIPS compliant and non-FIPS compliant modes. So, you have the ability to turn FIPS off if there's a need to do so. However, our recommended configuration for NetBackup and NBSM and all to-be protected workloads is to run in FIPS mode whenever possible.
Our FIPS compliancy is 140-2, level 1. This compliancy matches the rest of NetBackup's FIPS-compliant features. FIPS modules at the operating system and PostgreSQL database level are used to enforce FIPS protection.
When FIPS mode is enforced, only FIPS-compliant workloads/configurations will be protected. Data-at-rest and data-in-transit will be encrypted with only FIPS-validated API(s).
A description of NBSM and its targets is available here:
https://www.veritas.com/support/en_US/doc/155729295-158413311-0/index
You can get more information about FIPS standards and compliance in general here:
https://www.nist.gov/standardsgov/compliance-faqs-federal-information-processing-standards-fips
The details of FIPS 140-2 level 1 security as defined by NIST is posted here: