Managing the Global FIPS Compliance
You can retrieve information about the
current FIPS (Federal Information Processing Standards) settings of
vCenter Server
. You can also enable or deactivate the
global FIPS compliance.FIPS 140-2 is a U.S. and Canadian government
standard that specifies security requirements for cryptographic modules. vSphere uses
FIPS-validated cryptographic modules to match those specified by the FIPS 140-2
standard. The goal of vSphere FIPS support is to ease the compliance and security
activities in various regulated environments.
The following table lists the operations that you can perform to manage the FIPS settings of
your
vCenter Server
system.Operation | Description |
---|---|
Get FIPS status | You can check whether the global FIPS compliance is currently enabled on
the vCenter Server system. |
Manage FIPS status | You can enable or deactivate the global FIPS compliance on the
vCenter Server system. |
When you enable FIPS compliance, some
components might present functional constraints. For more information, see
vSphere Security
.You can run FIPS management operations by using the
vSphere
Automation
SDK or sending an HTTP
request. You can use the
GlobalFips
interface from the com.vmware.appliance.system.security
package
to check the FIPS status and enable or deactivate the global FIPS compliance. For
more information, see the Java
API Reference
documentation.