I Need To...

Comply with FIPS 140-2

I Need To…

Comply with FIPS 140-2

Which VanDyke Software products support FIPS 140-2?

VanDyke Software has partnered with RSA Security, Inc. to use the BSAFE Crypto-C Micro Edition cryptography module which has been tested by Atlan Laboratories, an accredited testing laboratory for FIPS compliance. This module has met all Level 1 requirements for FIPS 140-2 compliance when operated in FIPS Mode. The product versions that can run in FIPS mode are shown below. Click the certificate number below to review the FIPS Validation Certificate for the BSAFE module used by the specified product.

FIPS mode is only supported on Windows.

VShell® server* 2.6-3.5 (FIPS Validation Certificate 608)
VShell server 3.6-4.0 (FIPS Validation Certificate 1058)
VShell server 4.1 (FIPS Validation Certificate 0039**)
VShell server 4.2-4.6.3 (FIPS Validation Certificate 0048**)
VShell server 4.7 (FIPS Validation Certificate 4197**)
VShell server 4.8 and later (FIPS Validation Certificate 4306**)

SecureCRT® 5.1-6.1 (FIPS Validation Certificate 608)
SecureCRT 6.2-7.2 (FIPS Validation Certificate 1058)
SecureCRT 7.3 (FIPS Validation Certificate 0039**)
SecureCRT 8.0-9.1.1 (FIPS Validation Certificate 0048**)
SecureCRT 9.2 (FIPS Validation Certificate 4197**)
SecureCRT 9.3 and later (FIPS Validation Certificate 4306**)

SecureFX® 3.1-6.1 (FIPS Validation Certificate 608)
SecureFX 6.2-7.2 (FIPS Validation Certificate 1058)
SecureFX 7.3 (FIPS Validation Certificate 0039**)
SecureFX 8.0-9.1.1 (FIPS Validation Certificate 0048**)
SecureFX 9.2 (FIPS Validation Certificate 4197**)
SecureFX 9.3 and later (FIPS Validation Certificate 4306**)

* Prior to version 3.6, the 64-bit edition of VShell for Windows did not support FIPS mode.

** For a list of the tested Windows platforms, see the following web page:

If you need to protect data in transit as outlined by FIPS 140-2 or NIST 800-53, these products now have an administrator option to run in "FIPS Mode". When this option is set, only FIPS-approved algorithms are allowed.

FIPS-approved algorithms: The following FIPS-approved Cryptographic algorithms are used: DSA (Cert. #143); Triple-DES (Cert. #378); AES (Cert, #303); RSA (Cert. #96); SHA-1; Diffie-Hellman (used for key exchange in SSH2 is allowed in FIPS Mode but not approved).

The following algorithm is not available in FIPS Mode: Twofish.

What are FIPS?

Under the Information Technology Management Reform Act (Public Law 104-106), standards and guidelines are developed by the National Institute of Standards and Technology (NIST) for Federal computer systems. These standards and guidelines are issued by NIST as Federal Information Processing Standards (FIPS) for use government-wide. NIST develops FIPS when there are compelling Federal government requirements such as for security and interoperability and there are no acceptable industry standards or solutions.

FIPS documents are available online through the FIPS home page.

What are the requirements set forth in FIPS 140-2?

The NIST Cryptographic Module Validation (CMV) Program was announced on July 17, 1995. This program validates cryptographic modules for conformance to FIPS PUB 140-1 and FIPS PUB 140-2, Security Requirements for Cryptographic Modules. The "Applicability" section of FIPS PUB 140-2 states that:

"This standard is applicable to all Federal agencies that use cryptographic-based security systems to protect sensitive information in computer and telecommunication systems (including voice systems) as defined in Section 5131 of the Information Technology Management Reform Act of 1996, Public Law 104-106. This standard shall be used in designing and implementing cryptographic modules that Federal departments and agencies operate or are operated for them under contract."

VanDyke Software products are a secure replacement for Telnet and FTP, providing end-to-end protection for data in transit that meets Federal recommendations. VShell server combines strong security with simple configuration. SecureCRT and SecureFX clients provide an excellent combination of strong security, capacity for customization, and ease of use.

VanDyke Software helps you achieve the right balance between strong security and easy access to the network from anywhere... at any time.

Take the next step right now:

  1. Download evaluation copies of VanDyke Software products.
  2. Read our Secure Shell white papers.
  3. Contact us for assistance in designing the right solution for your organization.

VanDyke VShell Server Logo

VShell Server

VShell server, a secure alternative to Telnet and FTP with additional data tunneling services, is a secure portal to a server's resources and the network. VShell provides secure authentication, strong encryption, and data integrity using the open Secure Shell protocol (SSH2).


VanDyke SecureCRT Logo


SecureCRT is an extremely customizable terminal emulator with support for Secure Shell (SSH1 and SSH2) as well as Telnet, Telnet/TLS, Rlogin, serial, and TAPI protocols. SecureCRT is ideal for connecting to remote systems running Windows, UNIX, and VMS.


VanDyke SecureFX Logo


SecureFX is a high-security file transfer client with great flexibility in configuration and transfer protocols. SecureFX includes a command-line utility for scripting batch jobs to perform secure unattended file transfers and also supports "relentless" file transfers that automatically reconnect and resume when connections are broken.


VanDyke Software uses cookies to give you the best online experience. Before continuing to use this site, please confirm that you agree to our use of cookies. Please see our Cookie Usage for details.