Does Splunk support FIPS 140-2

1	Is splunk FIPS 140-2 compliant? security fips asked 12 Jan '11, 19:27 matt ♦♦ 3.5k●12●11●40 accept rate: 81%

One Answer:

oldest newest most voted

Splunk (the software) has not been submitted for FIPS 140-2 accreditation. At this time, there are no plans that I am aware of to engage in the accreditation process.

Splunk uses OpenSSL shared libraries for all encryption, and according to openssl.org, OpenSSL will never be FIPS-140-2 validated/accredited:

http://www.openssl.org/docs/fips/fipsnotes.html

Furthermore, Splunk does not use the OpenSSL FIPS Object Model, which has been uniquely validated as FIPS-140-2 compliant. At this time, we do not anticipate moving to the OpenSSL FIPS Object Model because of compatibility and portability reasons.

link

answered 12 Jan '11, 20:23

araitz ♦
7.9k●3●9●25
accept rate: 46%

edited 13 Jan '11, 00:02

Hi Araitz, could you explain more detail about "we do not anticipate moving to the OpenSSL FIPS Object Model because of compatibility and portability reasons" ? thanks

(12 May '11, 01:19) dmlee

Post your answer

toggle preview

Follow this question

Email:

RSS:

Answers

Answers + Comments

Markdown Basics

*italic* or _italic_
**bold** or __bold__
link:[text](http://url.com/ "Title")
image?![alt text](/path/img.jpg "Title")
numbered list: 1. Foo 2. Bar
to add a line break simply add two spaces to where you would like the new line to be.
basic HTML tags are also supported

learn more about Markdown

Tags:

security ×138
fips ×1

Asked: 12 Jan '11, 19:27

Seen: 1,233 times

Last updated: 12 May '11, 01:19

Does Splunk support FIPS 140-2

Follow this question

Splunk Resources

Related questions