Get started > Key concepts > Features > FIPS 140-2 compliance > Supported FIPS 140-2 security level

Supported FIPS 140-2 security level

FIPS 140-2 Security Level

SA Component

Supported FIPS 140-2 Security Level

NSS Version

OpenSSL Version

SA 10.10 and later

Level 1

3.15.1

1.0.1h (2.0.5 FIPS module)

SA cryptography modes

SA offers two cryptographic modes:

  • FIPS 140-2 mode (sensitive, but unclassified information)
  • ESM Standard Cryptography (default mode)

FIPS 140-2 mode

FIPS 140-2 mode enables security for information that is sensitive, but unclassified (SBU). FIPS 140-2 mode means that the NSS cryptographic module has been deployed and enabled on all the relevant SA components that connect to and exchange data with the SA Core.

FIPS 140-2 mode is based on RSA public-key encryption technology, and is a separate and secure cryptography system apart from ESM’s standard cryptography system. Once FIPS 140-2 mode is enabled, ESM’s standard cryptography system is not used.

ESM standard cryptography

To support deployments for which FIPS 140-2 cryptography is not a requirement, SA continues using its existing cryptographic algorithms and key store formats.