FIPS Compliance for Flowlink
This section describes the operational requirements for compliance with Federal Information Processing Standard (FIPS) 140-2 for Illumio Flowlink.
The Federal Information Processing Standard Publication (FIPS PUB) 140-2 is a U.S. government computer security standard used to approve cryptographic modules. An authorized cryptographic equipment assessment laboratory has tested and verified that Flowlink faithfully incorporates the use of cryptographic functions provided by the FIPS 140-2 validated modules as it applies to data in transit.
FIPS Prerequisites
The server on which Flowlink is installed must be running a FIPS-validated version of RHEL 8 -- such as RHEL 8.2 -- in FIPS mode and satisfy the Security Policy as stated in Red Hat Enterprise Linux 8 OpenSSL Cryptographic Module version rhel8.20200305.1
Enable Flowlink FIPS Compliance
After installing RHEL8.x, follow the required steps in Section 9.1, Crypto Officer Guidance, Red Hat Enterprise Linux 8 OpenSSL Cryptographic Module NIST Security Policy.
Reboot the system.
After the system starts, check that FIPS mode is enabled:
$ fips-mode-setup --check
FIPS mode is enabled.
Install the Flowlink RPM using this command:
sudo rpm -ivh --nodigest illumio-flowlink-1.2.0-104.x86_64.rpm
To configure Flowlink, see Configure FlowLink.
When you've completed this procedure, Flowlink is FIPS compliant.