Features > Transfer Security > FIPS 140-2 Validation
Cerberus FTP Server
FIPS 140-2 Compliant File Transfer
Cerberus FTP Server uses an embedded FIPS 140-2-validated cryptographic module (Certificate #4282 using the OpenSSL 3 FIPS Provider Module) for all cryptographic operations and meets federal cryptographic requirements with FIPS 140-2 validated cryptography up to 256-bit AES encryption over SSL and SSH. This certificate will remain active through the FIPS 140-2 sunset date of 21 September 2026.
Cerberus will add FIPS 140-3 support when OpenSSL receives FIPS 140-3 validation, which will likely come at some point in 2024.
Meets all FIPS 140-2 cryptographic requirements
Certified by NIST/CSEC’s Cryptographic Module Validation Program
What is FIPS 140-2 Compliance?
In 2001, NIST‘s Federal Information Processing Standard (FIPS) publication 140-2 established a security standard for cryptographic modules used by the U.S. federal government in the collection, storage, transfer, sharing and dissemination of sensitive information. Most federal agencies and regulated industries must comply with the FIPS 140-2 standard by law, and all products sold to the federal government that use cryptographic modules must be FIPS 140-2 validated.
What Organizations Require FIPS-Compliant File Transfer?
The organizations below are required to use FIPS-compliant cryptography by law:
- U.S. federal and state government agencies that deal with citizens’ private information
- The U.S. military and its vendors working with sensitive but unclassified data
- Vendors, suppliers and third parties selling cryptographic modules to the federal government or using these modules in support of their services
Industries that deal with sensitive data requiring high levels of privacy for regulatory or security reasons will often require the FIPS 140-2 standard as well. These industries include:
- Financial institutions
- Information-processing vendors
- Healthcare-related organizations that fall under HIPAA regulation
- Educational institutions
- Utilities
However, the FIPS 140-2 standard can be used any organization that wishes to transfer files securely, safeguard business data, and protect its most critical information.
What Does it Mean to be FIPS 140-2 Compliant?
FIPS-validated solution must use cryptographic algorithms and hash functions that meet the FIPS requirements. Specifically, a FIPS-validated solution must:
- Use algorithms and hash functions approved under FIPS 140-2 requirements
- Be validated by the joint NIST/CSEC Cryptographic Module Validation Program (CMVP)
FIPS 140-2 Resources:
- How to implement FIPS 140-2 cryptography and other security settings in Cerberus FTP Server
- Answers to common FIPS 140-2 support questions we receive
- Cerberus Has Moved to OpenSSL 3
- The difference between FIPS 140-2 and 140-3
- How to Ensure HIPAA Compliance on Your FTP/SFTP/FTPES Server
- Our plans for FIPS 140-3 validation
Try Cerberus FTP Server free for 25 days
- Live US-based phone & email support
- Bulletproof reliability
- Built for complete data control
- Trouble-free enterprise deployment
Full Feature List
Protocols
FTP, FTP/S, SFTP, SCP, HTTP/S
Advanced Security
SSH, SSL, FIPS 140-2
MFT Automation
Event, Alert & Sync Tools
Environments
Windows Server, Cloud & Virtual
Access Protection
IP, User & Protocol Restriction Tools
Account Management
AD, LDAP, 2FA, SSO & More
Auditing and Reporting
File Access, User and Admin Logging
Administration Tools
API, Sync Manager, & Other Tools
HTTPS Web Portal
Browser-Based Transfer from Any Device
Monitoring & Testing
Automated Network, Load and Access Testing
Regulatory Compliance
Auditing, Retention, & Encryption Tools
Award-Winning Support
Phone, Email, & 24/7/365
Industry-Focused Solutions
Cerberus FTP Server supports a wide range of industry and professional needs. Enhance data security, streamline operations, and ensure compliance with regulations.
Uncompromising Commitment To Customer Satisfaction
G2
4.8 / 5
Capterra
4.8 / 5
CNET Download
4.8 / 5
Recognized as an industry-leading secure FTP server
Trusted by Companies Like Yours
Uncompromising Customer Satisfaction
Latest News
Cerberus FTP Server 13.0 Introduces Enhanced SSH Options
Continuing from our TLS enhancements introduced in Cerberus FTP Server 12.11, we are adding new key exchange and cipher options as shown in the screenshot below: Key Exchange Algorithms Version 13 adds Edwards Curves (x25519 and x448) to the supported list of KEXs....
Moving to OpenSSL 3 in Cerberus FTP Server 12.11
Starting in version 12.11, Cerberus FTP Server will use OpenSSL 3 which will add TLS 1.3 protocol support
and enables additional key exchange, cipher, and mac algorithms.
Best File Transfer for Windows: Evaluating SFTP vs. FTPS Pros and Cons
Choosing a file transfer solution for Windows can be a challenge. The two most popular options: SFTP and FTPS, each have advantages and disadvantages that can impact your business. This blog post will compare SFTP versus FTPS to help you understand which protocol best...
Explore what Cerberus FTP Server can do for you
- 25 Day Free Trial
- No Credit Card Required
- Up and running in less than 15 mins