Cerberus FTP Server

What is FIPS 140-2?

Features > Transfer Security > FIPS 140-2 Validation

Available in:

In 2001, NIST‘s Federal Information Processing Standard (FIPS) publication 140-2 established a security standard for cryptographic modules used by the U.S. federal government in the collection, storage, transfer, sharing and dissemination of sensitive information. Most federal agencies and regulated industries must comply with the FIPS 140-2 standard by law, and all products sold to the federal government that use cryptographic modules must be FIPS 140-2 validated.

Meets all FIPS 140-2 cryptographic requirements

Certified by NIST/CSEC’s Cryptogaphic Module Validation Program

What Organizations Require FIPS-Compliant File Transfer?

The organizations below are required to use FIPS-compliant cryptography by law:

U.S. federal and state government agencies that deal with citizens’ private information
The U.S. military and its vendors working with sensitive but unclassified data
Vendors, suppliers and third parties selling cryptographic modules to the federal government or using these modules in support of their services

Industries that deal with sensitive data requiring high levels of privacy for regulatory or security reasons will often require the FIPS 140-2 standard as well. These industries include:

Financial institutions
Information-processing vendors
Healthcare-related organizations that fall under HIPAA regulation
Educational institutions
Utilities

However, the FIPS 140-2 standard can be used any organization that wishes to transfer files securely, safeguard business data, and protect its most critical information.

What Does it Mean to be FIPS 140-2 Compliant?

A FIPS-validated solution must use cryptographic algorithms and hash functions that meet the FIPS requirements. Specifically, a FIPS-validated solution must:

Use algorithms and hash functions approved by FIPS 140-2
Be validated by the joint NIST/CSEC Cryptographic Module Validation Program (CMVP)

Cerberus FTP Server FIPS 140-2 Compliance

Cerberus FTP Server uses an embedded FIPS 140-2-validated cryptographic module (Certificate #3503 using KeyPair FIPS Object Module for OpenSSL) for all cryptographic operations and meets federal cryptographic requirements with FIPS 140-2 validated cryptography up to 256-bit AES encryption over SSL and SSH.

FIPS 140-2 Resources:

Full Feature List

Protocols

FTP, FTP/S, SFTP, SCP, HTTP/S

Transfer Security

SSH, SSL, FIPS 140-2

MFT Automation

Event, Alert & Sync Tools

Environment

Windows Server, Cloud & Virtual

Access Protection

IP, User & Protocol Restriction Tools

Account Management

AD, LDAP, 2FA & More

Auditing and Reporting

File Access, User and Admin Logging

Administration Tools

API, Sync Manager, & Other Tools

Industry Solutions

Financial Services

Government FIPS Compliance

Healthcare & HIPAA

Law & Legal

Cerberus FTP Server Editions

Standard

FTP/S Server
SOAP control API
IP auto-banning
User groups
Web administration
Virtual directories

$499 | 1 Yr Maintenance

View Standard

Professional

SFTP server
AD/LDAP integration
FIPS-140-2
Public key authentication
Client certificate verification
Server replication

$899 | 1 Yr Maintenance

View Professional

Cerberus FTP Server Five Star CNET Reviews

Enterprise

MFT server
HTTPS web client
Event automation
Email alerts
File retention policies
Ad-hoc sharing

$2,199 | 1 Yr Maintenance

View Enterprise

Download Free Trial

Purchase

Raved and Reviewed

Here’s what a few of our many satisfied customers have to say about Cerberus FTP Server.

“Our users have found Cerberus to be straightforward. We have handled many service tickets over the past three years, and Cerberus has had the least number of issues, by far.”

James Fayson

IT Service Owner, PACE, OASIS, Duke Health Technology Solutions

“We’ve been using Cerberus for at least five years, and it’s been awesome. Everything’s been very simple and easy, and we haven’t come across any limitations. It always just seems to work.”

Jake Cloward

Support Manager, Companion Corporation

“It’s not designed to be complicated, and it doesn’t need to be managed. I can hire someone new and they can be up to speed in minutes. Everyone on the team loves it.”

Tim Klein

Systems Administrator, Netalytics/Methasoft

Latest News

Optimizing Your Managed File Transfer Solution – Getting the Most Out of MFT

For many administrators looking to save time by automating critical recurring data tasks, a Managed File Transfer (or MFT) software is their solution of choice. These file transfer solutions typically replace a large number of single-purpose data transfer tools with a...

Cerberus FTP Server 12.7 Presents: New Security Warning on Session Reuse

As part of our continuous effort to pursue security best practices, Cerberus FTP Server now issues a security warning when FTP and FTPS listeners do not enforce session reuse. Once upgraded to version 12.7, running Cerberus FTP Server with FTP or FTPS listeners that...

Cerberus FTP Server 12.7 Introduces Password Reset for 2FA-Enabled Users

Cerberus FTP Server 12.7 now supports “Forgot your password?” password reset for accounts with Two Factor Authentication (2FA) enabled. What’s Changing? Prior to 12.7, accounts with 2FA enabled were simply not allowed to use the “forgotten password” reset. Following...