Which VanDyke Software products support FIPS 140-2?

VanDyke Software has partnered with RSA Security, Inc. to use the BSAFE Crypto-C Micro Edition cryptography module which has been tested by Atlan Laboratories, an accredited testing laboratory for FIPS compliance. This module has met all Level 1 requirements for FIPS 140-2 compliance when operated in FIPS Mode. The product versions that can run in FIPS mode are shown below. Click the certificate number below to review the FIPS Validation Certificate for the BSAFE module used by the specified product.

If you need to protect data in transit as outlined by FIPS 140-2 or NIST 800-53, these products now have an administrator option to run in "FIPS Mode". When this option is set, only FIPS-approved algorithms are allowed.

FIPS-approved algorithms: The following FIPS-approved Cryptographic algorithms are used: DSA (Cert. #143); Triple-DES (Cert. #378); AES (Cert, #303); RSA (Cert. #96); SHA-1; Diffie-Hellman (used for key exchange in SSH2 is allowed in FIPS Mode but not approved).

The following algorithms are not available in FIPS Mode: MD5; Twofish; Blowfish; RC4.

VanDyke Software products are a secure replacement for Telnet and FTP, providing end-to-end protection for data in transit that meets Federal recommendations. VShell server combines strong security with simple configuration. SecureCRT and SecureFX clients provide an excellent combination of strong security, capacity for customization, and ease of use.

		SecureCRT is a terminal emulator for secure access to network devices and business applications on UNIX, Linux, or VMS systems. Built on IETF standard protocols, SecureCRT supports SSH2, SSH1, Telnet, Telnet/SSL, Serial, and other protocols. SecureCRT has file transfer capability and saves time by eliminating many repetitive manual tasks.
		SecureFX is a high-security file transfer client with flexibility in configuration and transfer protocols. It supports "relentless" file transfers that automatically reconnect and resume when connections are broken. SecureFX includes a command-line utility for scripting batch jobs to perform unattended file transfers.
		The VShell server lets you close Telnet and FTP security holes with a secure, professionally supported, open-standard solution. The VShell advantage is the high degree of control over user access to features and files, and the ability to use trigger conditions to accelerate and automate system response.

What are FIPS?

Under the Information Technology Management Reform Act (Public Law 104-106), standards and guidelines are developed by the National Institute of Standards and Technology (NIST) for Federal computer systems. These standards and guidelines are issued by NIST as Federal Information Processing Standards (FIPS) for use government-wide. NIST develops FIPS when there are compelling Federal government requirements such as for security and interoperability and there are no acceptable industry standards or solutions.

FIPS documents are available online through the FIPS home page.

What are the requirements set forth in FIPS 140-2?

The NIST Cryptographic Module Validation (CMV) Program was announced on July 17, 1995. This program validates cryptographic modules for conformance to FIPS PUB 140-1 and FIPS PUB 140-2, Security Requirements for Cryptographic Modules. The "Applicability" section of FIPS PUB 140-2 states that:

"This standard is applicable to all Federal agencies that use cryptographic-based security systems to protect sensitive information in computer and telecommunication systems (including voice systems) as defined in Section 5131 of the Information Technology Management Reform Act of 1996, Public Law 104-106. This standard shall be used in designing and implementing cryptographic modules that Federal departments and agencies operate or are operated for them under contract."