Submit a ticketCall us

Webinar: Web Help Desk for HR, Facilities and Accounting Departments
This webinar will focus on use cases for HR, Facilities and Accounting.

Having a unified ticketing and asset management system for all the departments in your company can provide end-users with a seamless experience and make things easier for your IT team. Yet, with different business tasks and objectives, many departments don’t fully understand the capabilities of Web Help Desk and how the software can be customized for effective use in their departments.
Register Now.

Home > Success Center > Web Help Desk (WHD) > Web Help Desk Administrator Guide > Enable FIPS

Enable FIPS

Created by Steve.Hawkins, last modified by Anthony.Rinaldi_ret on Jul 18, 2016

Views: 260 Votes: 0 Revisions: 6

Beginning in Web Help Desk 12.4.0, you can configure a new or existing Web Help Desk deployment for Federal Information Processing Standard (FIPS) 140-2 compliant cryptography. This compliance is required for computer systems installed in U.S. Federal Government agencies and companies in a regulated industry (such as healthcare and financial institutions) that share and distribute sensitive but unclassified (SBU) information.

If you are enabling FIPS in a new deployment, complete the installation procedures for a new deployment.

If you are enabling FIPS in an existing deployment:

  1. Complete the installation procedures for an existing deployment.
  2. Prepare for the database migration by running the Password Security Migration Tool.
  3. Migrate all client and tech passwords to FIPS 140-2 cryptography.

Enabling FIPS 140-2 compliant cryptography is optional and is not required to use Web Help Desk.

Network Security Services

The FIPS cryptography implements Network Security Services (NSS)—a set of open-source cryptographic libraries developed by Mozilla that support security-enabled client and server applications. When integrated with NSS, Web Help Desk can support public-key cryptography standards #11 (PKCS #11) certificates for FIPS compliance.

All connections through SSL to the external tools require a trusted certificate to be imported into the NSS database.

CA and self-signed certificates

After you configure FIPS in your deployment, you can obtain and import a signed certificate by a trusted Certificate Authority (for production environments) or a self-signed certificate (for test environments) to your NSS database to authenticate your Web Help Desk server identity in a secure HTTPS connection. When completed, your deployment is FIPS 140-2 compliant.

Before you begin

Enabling FIPS 140-2 compliant cryptography requires careful planning and coordination with IT management and corporate personnel for a successful implementation. Review the requirements and procedures in this section to ensure you have the appropriate amount of time, hardware, software, and resources for your deployment.

FIPS 140-2 compliant cryptography is not recommended in a multiple-instance environment.

After you enable FIPS 140-2 compliant cryptography in your Web Help Desk deployment, you cannot revert back to your previous configuration.

Requirements

SolarWinds recommends reviewing the following requirements before you enable FIPS 140-2 compliant cryptography in your Web Help Desk deployment.

Component Requirement
Web Help Desk 12.4.x and later
Hardware system Non-virtualized platform
Operating system

Windows Server 2008 (64-bit)

Windows Server 2008 R2 (64-bit)

Windows Server 2012 (64-bit)

Windows Server 2012 R2 (64-bit)

Database 1

MySQL 5.6 2

My SQL 5.7

PostgreSQL 9.2 (embedded)

PostgreSQL 9.3.2 (embedded)

PostgreSQL 9.4 (embedded)

SQL Server 2008 R2 SP3 2

SQL Server 2012 SP1 2

SQL Server 2014 2

LDAP

Active Directory 2003

Active Directory 2008

Active Directory 2012

Active Directory 2012 R2

Open Directory 4

OpenLDAP 2.4

OpenLDAP 2.4.42

Mail server and protocols

Exchange Server 2010

Exchange Server 2013 CU7

Exchange Server 2016

SMTP v3 3

Asset discovery connections

MySQL 5.6

MySQL 5.7

SQL Server 2008 R2 SP3

SQL Server 2012 SP1

SQL Server 2014

Windows Management Instrumentation (WMI)

Web browser

Google Chrome (Latest version)

Mozilla Firefox (Latest version)

Internet Explorer v9, v10, and v11

SolarWinds Integration

SolarWinds Network Configuration Manager

SolarWinds Network Performance Monitor

SolarWinds Server and Application Monitor

1 Single instance only.

2 SSL connections are not supported. Additionally, SolarWinds recommends running the database server on the same physical server running the Web Help Desk instance.

3 MD5 authentication is not supported.

 

 
Last modified
13:46, 18 Jul 2016

Tags

Classifications

Public