지금 지원 담당자와 채팅
지원 담당자와 채팅

Secure Copy 7.5.1 - Deployment Guide

A. Overview

Secure Copy 7.5.1 can be successfully deployed in a FIPS environment by following the procedure described in this document.

B. Audience

The audience for this document are technical implementation consultants deploying Secure Copy.

C. Cryptographic usage

Secure Copy relies on the following Third-Party cryptographic libraries for its cryptographic needs

Cryptographic usage

Cryptographic algorithm

Cryptographic parameters

Communication

SMB v2, SMB V3

HMAC-SHA256, AES-128-CMAC, AES-128-GCM

Symmetric encryption of bulk data(email password)

ProtectedData

DataProtectionScope.LocalMachine

AES256 – CBC Mode

Symmetric encryption of secrets(licensed server list)

ProtectedData

DataProtectionScope.LocalMachine

AES256 – CBC Mode

Asymmetric encryption of secrets

N/A

N/A

Signing

N/A

N/A

Hashing

DPAPI

SHA512

DataProtectionScope.LocalMachine

SHA512

D. Background

To execute in a FIPS compliant mode, a Windows environment requires the Microsoft Policy “System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing” setting enabled.

Microsoft states that “This policy is only advisory to applications. Therefore, if you enable the policy, it does not make sure that all applications will comply”.

Secure Copy leverages Microsoft’s CryptoAPI (CAPI) and CryptoAPI Next Generation (CNG) for its cryptographic needs.

Microsoft Product Relationship with CNG and CAPI libraries is documented here: https://technet.microsoft.com/en-us/library/cc750357.aspx

“Rather than validate individual components and products, Microsoft chooses to validate only the underlying cryptographic modules. Subsequently, many Windows components and Microsoft products are built to rely on the Cryptographic API: Next Generation (CNG) and legacy Cryptographic API (CAPI) FIPS 140 validated cryptographic modules. Windows components and Microsoft products use the documented application programming interfaces (APIs) for each of the modules to access various cryptographic services.

셀프 서비스 도구
지식 기반
공지 및 알림
제품 지원
소프트웨어 다운로드
기술 설명서
사용자 포럼
비디오 자습서
RSS 피드
문의처
라이센싱 지원가져오기
기술 지원
모두 보기
관련 문서

The document was helpful.

평가 결과 선택

I easily found the information I needed.

평가 결과 선택