The Federal Information Processing Standards (FIPS) define U.S. and Canadian Government security and interoperability requirements for computer systems. The FIPS 140-2 standard specifies the security requirements for cryptographic modules. It describes the approved security functions for symmetric and asymmetric key encryption, message authentication, and hashing.
For more information about the FIPS 140-2 standard and its validation program, see the National Institute of Standards and Technology (NIST) and the Communications Security Establishment Canada (CSEC) Cryptographic Module Validation Program website at https://csrc.nist.gov/projects/cryptographic-module-validation-program.
SynaMan, the file sharing software published by Synametrics Technologies, Inc. is fully compliant with FIPS 140-2 specification provided guidelines mentioned on this page are met.
FIPS 140-2 defines four levels of security, simply named "Level 1" to "Level 4".
Level 1 provides lowest level of security and is enforced by configuring the software to use approved algorithms. In other words, when using SSL/TLS to transfer files, the software must use secure ciphers list on Approved Security Functions for FIPS 140-2 published by NIST
Starting v5.0, SynaMan allows a special configuration that restricts SSL handshakes only on secure/strong ciphers. Follow the steps below to enable this option:
Higher levels of FIPS compliance are related to hardware security. Since SynaMan is a 100% private solution, companies can achieve higher levels of FIPS compliance by hardening their network environment. Refer to this document for further details on how to achieve higher levels of compliance.
Enabling this option in SynaMan disable ciphers considered weak according to FIPS guidelines. This means older browsers, mobile devices and other third-party software may not be able to communicate with SynaMan using SSL when this option is enabled.
On the other hand, using this option is required if you need to share files with government organizations, mainly United States and Canada.
SynaMan is a 100% private, on-premise, file sharing solution. This means:
Contact our support department if your company policy requires you to run FIPS-Validated crypto module.