Submit a ticketCall us

Cloud Workloads: Meet Your New Hybrid IT Reality
Have you found yourself in that evolving, hybrid IT grey area and wondering if cloud workloads are now part of your purview? And if so, will monitoring cloud workloads require a new set of dedicated cloud monitoring tools? Your answers: yes, they should be, and no, they don’t.

Find out how SolarWinds® Server & Application Monitor (SAM) can help you monitor your cloud workloads side by side with your on-premises workloads. Register Now.

Home > Success Center > IP Address Manager (IPAM) > IPAM Installation Guide > Stand-alone IPAM installation > Install and configure FIPS for IPAM

Install and configure FIPS for IPAM

Table of contents
No headers

Updated: June 1, 2017

You can run your IPAM product in FIPS-compliant (Federal Information Processing Standard) mode to comply with computer security and interoperability standards used by non-military US government agencies and contractors.

For the full list of tested Orion products for international standards for computer security, see this site. For a certification letter of Orion FIPS compliance, contact us with your request.

  • If FIPS compliance is required, SolarWinds recommends that you enable FIPS as part of a fresh install instead of as part of an upgrade.
  • Before you enable FIPS ensure that the hardware is FIPS-compliant. See the Microsoft Support knowledge base for more information.
  • Not all Orion Platform products are FIPS-compliant. (Undefined variable: Variables.CompanyName) recommends that you install all FIPS-compliant (Undefined variable: Variables.CompanyName) software on FIPS-compliant servers and maintain all non-compliant (Undefined variable: Variables.CompanyName) software on non-compliant servers.
File:Success_Center/Reusable_content_-_InfoDev/IPAM_Installation_Guide/IPAM_Installation_Guide/0070-Uninstall_IPAM/checkbox.gif 1. Run the SolarWinds FIPS manager

Start the SolarWinds FIPS 140-2 Manager (SolarWinds.FipsManager.exe).

By default, SolarWinds.FipsManager.exe is located in the C:\Program Files (x86)\SolarWinds\Orion folder.

File:Success_Center/Reusable_content_-_InfoDev/IPAM_Installation_Guide/IPAM_Installation_Guide/0070-Uninstall_IPAM/checkbox.gif 2. Complete FIPS configuration

Read the welcome text, and click Next. The SolarWinds FIPS 140-2 Manager confirms that the current configuration of your SolarWinds products is FIPS-compliant.

  1. If an installed product is not FIPS-compliant, click Close, remove any non-compliant Orion Platform products from the FIPS-compliant server, and run the FIPS 140-2 Manager again.
  2. If FIPS 140-2 is disabled, select Enable FIPS 140-2, and click Next.
  3. If the FIPS Manager provides a list of objects or saved network discovery definitions that are not FIPS-enabled, complete the following steps.

    To refresh the list of non-compliant objects after editing the credentials, restart the FIPS 140-2 Manager.

    • Click the non-compliant monitored node, and edit its Polling Method to be FIPS-compliant.
      1. Select SNMPv3 as the SNMP Version.
      2. Select FIPS-compliant Authentication and Privacy/Encryption methods, and provide the passwords.
      3. Click Submit.
    • Click the non-compliant network discovery, and edit SNMP credentials to be FIPS-compliant.
      1. Confirm that all SNMP credentials are SNMPv3. Delete or edit any credentials that are not FIPS-compliant SNMPv3.
      2. Confirm that all SNMP credentials use FIPS-compliant Authentication and Privacy/Encryption methods, and provide the passwords.
      3. Complete the Network Sonar Wizard using the updated credentials.
File:Success_Center/Reusable_content_-_InfoDev/IPAM_Installation_Guide/IPAM_Installation_Guide/0070-Uninstall_IPAM/checkbox.gif 3. Restart the server Click Restart now to restart all relevant SolarWinds services.

While the software is FIPS-compliant, you must choose to use FIPS-compliant polling methods, such as SNMPv3, to monitor and discover nodes.

FIPS-Compliant Methods for SNMPv3

Authentication

SHA1
Privacy or encryption AES128, AES192, AES256
Last modified

Tags

Classifications

Public