FIPS mode in hp sm

Experts,

Could you please tell me what kind of security does it gve if I enable the FIPS mode in HP Service Manager ?.

Does it give any level of security to the windows client in hP SM ?. Would it allow not to sniff the client user name and password from network?

I am on HP SMv9.40 classic and doesnt have TLS /SSL setup.

thx

dev

  • Hello Brav0,

    hope you are doing great.

    According your concern, you could take a look on the following zip file, there is a pdf guide with all information about it.

    https://softwaresupport.hpe.com/group/softwaresupport/search-result/-/facetsearch/document/KM02204270

     

  • Thank you for the document Carlos.

    Couple of questions on FIPS mode enablement in HP SM,

     what level of security does it give to HP SM windows client ?.

    Does it provide the level of encryption to the windows client users (username and password) , which wouldn’t allow sniffing of their network password ?

    does the FIPS mode allow us to setup an encryption on the username and password of the users using windows client of HP SM?.

  • Thank you for the document Carlos.

    Couple of questions on FIPS mode enablement in HP SM,

     what level of security does it give to HP SM windows client ?.

    Does it provide the level of encryption to the windows client users (username and password) , which wouldn’t allow sniffing of their network password ?

    does the FIPS mode allow us to setup an encryption on the username and password of the users using windows client of HP SM?.

  • Verified Answer

    what level of security does it give to HP SM windows client ? A high level of security using FIPS HMACDRBG random number generation algorithms.

    Does it provide the level of encryption to the windows client users (username and password) , which wouldn’t allow sniffing of their network password ? There should not be an ability to sniff the user's network password, however, if you find this to be possible, you should immediately open a case.

    does the FIPS mode allow us to setup an encryption on the username and password of the users using windows client of HP SM? If I recall correctly, this feature already exists when using the "Remember My Password" option with just SSL enabled so since SSL is required to use FIPS, then this should happen.

  • Thank you for the reply Mike.

    So what I understand is, by enabling FIPS is very similar to certifcate based encryption for the windows client.

  • Generally yes, and there are more actions that can be done to make it even more secure. The FIPS Guide is quite thorough. You might think of a full FIPS implementation as your "maximum" level of security with SM.