VanDyke Software

FIPS Information

Many federal, state, and local government agencies, critical infrastructure providers like public utilities, and private sector organizations that do business over the public network with these agencies must use encryption that meets the FIPS 140-2 standard.

Which VanDyke Software products support FIPS 140-2?

VanDyke Software has partnered with RSA Security, Inc. to use the BSAFE Crypto-C Micro Edition cryptography module which has been tested by Atlan Laboratories, an accredited testing laboratory for FIPS compliance. This module has met all Level 1 requirements for FIPS 140-2 compliance when operated in FIPS Mode. The product versions that can run in FIPS mode are shown below. Click the certificate number below to review the FIPS Validation Certificate for the BSAFE module used by the specified product.

FIPS mode is only supported on Windows.

VShell® server* 2.6-3.5 (FIPS Validation Certificate 608)
VShell server 3.6-4.0 (FIPS Validation Certificate 1058)
VShell server 4.1 (FIPS Validation Certificate 0039**)
VShell server 4.2-4.6.3 (FIPS Validation Certificate 0048**)
VShell server 4.7 (FIPS Validation Certificate 4197**)
VShell server 4.8 and later (FIPS Validation Certificate 4306**)

SecureCRT® 5.1-6.1 (FIPS Validation Certificate 608)
SecureCRT 6.2-7.2 (FIPS Validation Certificate 1058)
SecureCRT 7.3 (FIPS Validation Certificate 0039**)
SecureCRT 8.0-9.1.1 (FIPS Validation Certificate 0048**)
SecureCRT 9.2 (FIPS Validation Certificate 4197**)
SecureCRT 9.3 and later (FIPS Validation Certificate 4306**)

SecureFX® 3.1-6.1 (FIPS Validation Certificate 608)
SecureFX 6.2-7.2 (FIPS Validation Certificate 1058)
SecureFX 7.3 (FIPS Validation Certificate 0039**)
SecureFX 8.0-9.1.1 (FIPS Validation Certificate 0048**)
SecureFX 9.2 (FIPS Validation Certificate 4197**)
SecureFX 9.3 and later (FIPS Validation Certificate 4306**)

* Prior to version 3.6, the 64-bit edition of VShell for Windows did not support FIPS mode.

** For a list of the tested Windows platforms, see the following web page:
https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/2294

If you need to protect data in transit as outlined by FIPS 140-2 or NIST 800-53, these products now have an administrator option to run in "FIPS Mode". When this option is set, only FIPS-approved algorithms are allowed.

FIPS-approved algorithms: The following FIPS-approved Cryptographic algorithms are used: DSA (Cert. #143); Triple-DES (Cert. #378); AES (Cert, #303); RSA (Cert. #96); SHA-1; Diffie-Hellman (used for key exchange in SSH2 is allowed in FIPS Mode but not approved).

The following algorithm is not available in FIPS Mode: Twofish.

What are FIPS?

Under the Information Technology Management Reform Act (Public Law 104-106), standards and guidelines are developed by the National Institute of Standards and Technology (NIST) for Federal computer systems. These standards and guidelines are issued by NIST as Federal Information Processing Standards (FIPS) for use government-wide. NIST develops FIPS when there are compelling Federal government requirements such as for security and interoperability and there are no acceptable industry standards or solutions.

FIPS documents are available online through the FIPS home page.

What are the requirements set forth in FIPS 140-2?

The NIST Cryptographic Module Validation (CMV) Program was announced on July 17, 1995. This program validates cryptographic modules for conformance to FIPS PUB 140-1 and FIPS PUB 140-2, Security Requirements for Cryptographic Modules. The "Applicability" section of FIPS PUB 140-2 states that:

"This standard is applicable to all Federal agencies that use cryptographic-based security systems to protect sensitive information in computer and telecommunication systems (including voice systems) as defined in Section 5131 of the Information Technology Management Reform Act of 1996, Public Law 104-106. This standard shall be used in designing and implementing cryptographic modules that Federal departments and agencies operate or are operated for them under contract."


VanDyke Software products are a secure replacement for Telnet and FTP, providing end-to-end protection for data in transit that meets Federal recommendations. VShell server combines strong security with simple configuration. SecureCRT and SecureFX clients provide an excellent combination of strong security, capacity for customization, and ease of use.


VanDyke VShell Server Logo

VShell Server

The VShell server lets you close Telnet and FTP security holes with a secure, professionally supported, open-standard solution. The VShell advantage is the high degree of control over user access to features and files, and the ability to use trigger conditions to accelerate and automate system response.

Download

VanDyke SecureCRT Logo

SecureCRT

SecureCRT is a terminal emulator for secure access to network devices and business applications on UNIX, Linux, or VMS systems. Built on IETF standard protocols, SecureCRT supports SSH2, SSH1, Telnet, Telnet/SSL, serial, and other protocols. SecureCRT has file transfer capability and saves time by eliminating many repetitive manual tasks.

Download

VanDyke SecureFX Logo

SecureFX

SecureFX is a high-security file transfer client with flexibility in configuration and transfer protocols. It supports "relentless" file transfers that automatically reconnect and resume when connections are broken. SecureFX includes a command-line utility for scripting batch jobs to perform unattended file transfers.

Download

Customer Testimonials

  • "Thanks for the new feature and for the notification that it had been added — I don't really know of any other developer that notifies people who have given feedback like you guys do. That makes for very happy customers."

    —Burt Heymanson, SecureCRT Customer

  • "I would like to thank you for the amazing quality of service and SecureCRT support you give to us."

    —Anton Starovoytov, Solarix Networks, SecureCRT Customer

  • "Thank you for a great release! I've been actively using SecureCRT for many, many years and it's simply the best SSH client in existence!"

    —Rich Tricoche, SecureCRT Customer

Read more about VanDyke customers

VanDyke Software uses cookies to give you the best online experience. Before continuing to use this site, please confirm that you agree to our use of cookies. Please see our Cookie Usage for details.