Change Auditor 7.0.2 - FIPS Compliance User Guide

Prerequisites

The following prerequisites are necessary to set up an environment for FIPS Mode.

Installation and Operation

To ensure FIPS compliance for your Change Auditor deployment, all Change Auditor components must be v7.0.2 or later.

FIPS compliant practices are implemented in Change Auditor wherever possible. The following subsystems guarantee FIPS compliant communications:

All other subsystems are not considered completely FIPS compliant due to limitations related to handling and passing of data through communications with external products.

With the introduction of webhooks and event subscriptions in Change Auditor 7.0, you can configure Change Auditor to send event data to external sources. As the receiver of the data is customized and defined by each individual customer, you are responsible to verify the FIPS Compliance of the event data receiver. This includes generic webhook subscriptions created with Change Auditor PowerShell commands and subscriptions created in the Windows client for supported SIEM tools such as Splunk, ArcSight and QRadar.

In addition, when configuring subscriptions, you must use TLS enabled communication between Change Auditor and the event receivers to ensure FIPS compliance.

 

相关文档