Is KMS FIPS140-2?
I had been looking into implementing drive based encryption for our LTO5 drives. I had come across a few interesting things dealing with regulations.
I see that Quantum's QEKM and SKM solutions are both FIPS 140-2 certified. I was trying to verify whether or not KMS is also.
I was reading an whitepaper written on Feb 28th by Don Peterson about KMS and on page 13 he wrote:
"In order for NetBackup to run in a FIPS 140-2 mode, the cryptographic primitives used in NetBackup client encryption, the NetBackup KMS, the OST encryption plug-in (used to encrypt data going to Cloud or AdvancedDisk storage pools) and NBAC will be updated use a crypto module that Symantec will have FIPS validated. This will result in a FIPS 140-2 validation certificate for Symantec for this crypto module."
I tried to look at the NIST validations 140-1 and 140-2 but the only Symantec product I could find that is close is:
Symantec Cryptographic Module
(Software Version: 1.0)
Overall Level: 1
-EMI/EMC: Level 3
-Operational Environment: Tested as meeting Level 1 with Windows XP Professional, Windows 2000
-FIPS-approved algorithms: AES (Cert. #164); Triple-DES (Cert. #266); SHS (Cert. #248); HMAC (Cert. #5); RNG (Cert. #12)
-Other algorithms: N/A
"The Symantec Cryptographic Module is a software library that contains FIPS-approved cryptographic algorithms. This module provides encryption functionality for selected Symantec products."
Does anyone know if these are the libraries that were spoken about in the article? If so are there any other configuration's or requirements to make KMS FIPS certified?