Session Monitor FIPS 140-2 Compliance

1 Session Monitor FIPS 140-2 Compliance

The Federal Information Protection Standards, or FIPS 140-2, are security standards for federal and defense cyber security compliance, focusing on data encryption created by the National Institute of Standards and Technology (NIST).

The FIPS 140-2 standards are used in designing, implementing, and operating cryptographic modules. A cryptographic module is the set of hardware, software, and (or) firmware that implements security functions, such as algorithms and key generation. The standards also define the methods for testing and validation of the modules.

The Oracle Communications Session Monitor supports cryptographic libraries and algorithms that has been validated against FIPS 140-2 requirements.

As part of the FIPS 140-2 compliance, Session Monitor leverages the cryptographic libraries validated by the underlying Operating system (Oracle Linux 8) as well as MySQL cryptographic libraries to ensure that the offering is FIPS 140-2 compliant. When you use Session Monitor in the FIPS 140-2 mode, it provides an enhanced layer of security.

Note:

FIPS mode is not enabled by default and you must configure it.