The Federal Information Processing Standards (FIPS) define U.S. and Canadian Government security and interoperability requirements for computer systems. The FIPS 140-2 standard specifies the security requirements for cryptographic modules. It describes the approved security functions for symmetric and asymmetric key encryption, message authentication, and hashing.
For more information about the FIPS 140-2 standard and its validation program, see the National Institute of Standards and Technology (NIST) and the Communications Security Establishment Canada (CSEC) Cryptographic Module Validation Program website at https://csrc.nist.gov/projects/cryptographic-module-validation-program.
SynaMan, the file sharing software published by Synametrics Technologies, Inc. is fully compliant with FIPS 140-2 specification provided guidelines mentioned on this page are met.
FIPS 140-2 defines four levels of security, simply named "Level 1" to "Level 4".
Level 1 provides lowest level of security and is enforced by configuring the software to use approved algorithms. In other words, when using SSL/TLS to transfer files, the software must use secure ciphers list on Approved Security Functions for FIPS 140-2 published by NIST
Starting v5.3, a separate installer is available for Windows and Linux on the download page.
Higher levels of FIPS compliance are related to hardware security. Since SynaMan is a 100% private solution, companies can achieve higher levels of FIPS compliance by hardening their network environment. Refer to this document for further details on how to achieve higher levels of compliance.
Enabling this option in SynaMan disable ciphers considered weak according to FIPS guidelines. This means older browsers, mobile devices and other third-party software may not be able to communicate with SynaMan using SSL when this option is enabled.
On the other hand, using this option is required if you need to share files with government organizations, mainly United States and Canada.
SynaMan is a 100% private, on-premise, file sharing solution. This means:
The FIPS compliant version of SynaMan uses the following module, which is certified by NIST.
|Module Name:||Bouncy Castle FIPS module.|
|Certificate Date:||8th February 2022|
Use the following method to validate you're running a FIPS compliant version of SynaMan.