7.2 FIPS-Enabled Components in Sentinel

The following Sentinel components provide FIPS 140-2 support:

  • All Sentinel platform components are updated to support FIPS 140-2 mode.

  • The following Sentinel plug-ins that support cryptography are updated to support FIPS 140-2 mode:

    • Agent Manager Connector 2011.1r1 and later

    • Database (JDBC) Connector 2011.1r2 and later

    • File Connector 2011.1r1 and later (only if the file event source type is local or NFS)

    • LDAP Integrator 2011.1r1 and later

    • Sentinel Link Connector 2011.1r3 and later

    • Sentinel Link Integrator 2011.1r2 and later

    • SMTP Integrator 2011.1r1 and later

    • Syslog Connector 2011.1r2 and later

    • Windows Event (WMI) Connector 2011.1r2 and later

    • Check Point (LEA) Connector 2011.1r2 and later

    • Syslog Integrator 2011.1r1 and later

    For more information about configuring these Sentinel plug-ins to run in FIPS 140-2 mode, see Configuring Sentinel Plug-Ins to Run in FIPS 140-2 Mode.

The following Sentinel Connectors that support optional cryptography are not yet updated to support FIPS 140-2 mode at the time of release of this document. However, you can continue to collect events using these Connectors. For information about using these Connectors with Sentinel in FIPS 140-2 mode, see Using Non-FIPS Enabled Connectors with Sentinel in FIPS 140-2 Mode.

  • Cisco SDEE Connector 2011.1r1

  • File Connector 2011.1r1 - The CIFS and SCP functionalities involve cryptography and will not work in FIPS 140-2 mode.

  • Audit Connector 2011.1r1

  • SNMP Connector 2011.1r1

The following Sentinel Integrators that support SSL are not updated to support FIPS 140-2 mode at the time of release of this document. However, you can continue to use unencrypted connections when these Integrators are used with Sentinel in FIPS 140-2 mode.

  • Remedy Integrator 2011.1r1 or later

  • SOAP Integrator 2011.1r1 or later

Any other Sentinel plug-ins that are not listed above do not use cryptography and are not affected by enabling FIPS 140-2 mode in Sentinel. You do not need to perform any additional steps to use them with Sentinel in FIPS 140-2 mode.

For more information about the Sentinel plug-ins, see Sentinel Plug-ins website. If you want to request that any of the plug-ins that has not yet been updated be made available with FIPS support, please submit a request using Bugzilla.