Features > Transfer Security > FIPS 140-2 Validation

Cerberus FTP Server

FIPS 140-2 Compliant File Transfer

Cerberus FTP Server uses an embedded FIPS 140-2-validated cryptographic module (Certificate #4282 using the OpenSSL 3 FIPS Provider Module) for all cryptographic operations and meets federal cryptographic requirements with FIPS 140-2 validated cryptography up to 256-bit AES encryption over SSL and SSH. This certificate will remain active through the FIPS 140-2 sunset date of 21 September 2026.

Cerberus will add FIPS 140-3 support when OpenSSL receives FIPS 140-3 validation, which will likely come at some point in 2024.

Meets all FIPS 140-2 cryptographic requirements

Certified by NIST/CSEC’s Cryptographic Module Validation Program

What is FIPS 140-2 Compliance?

In 2001, NIST‘s Federal Information Processing Standard (FIPS) publication 140-2 established a security standard for cryptographic modules used by the U.S. federal government in the collection, storage, transfer, sharing and dissemination of sensitive information. Most federal agencies and regulated industries must comply with the FIPS 140-2 standard by law, and all products sold to the federal government that use cryptographic modules must be FIPS 140-2 validated.

What Organizations Require FIPS-Compliant File Transfer?

The organizations below are required to use FIPS-compliant cryptography by law:

  • U.S. federal and state government agencies that deal with citizens’ private information
  • The U.S. military and its vendors working with sensitive but unclassified data
  • Vendors, suppliers and third parties selling cryptographic modules to the federal government or using these modules in support of their services

Industries that deal with sensitive data requiring high levels of privacy for regulatory or security reasons will often require the FIPS 140-2 standard as well. These industries include:

  • Financial institutions
  • Information-processing vendors
  • Healthcare-related organizations that fall under HIPAA regulation
  • Educational institutions
  • Utilities

However, the FIPS 140-2 standard can be used any organization that wishes to transfer files securely, safeguard business data, and protect its most critical information.

What Does it Mean to be FIPS 140-2 Compliant?

FIPS-validated solution must use cryptographic algorithms and hash functions that meet the FIPS requirements. Specifically, a FIPS-validated solution must:

  1. Use algorithms and hash functions approved under FIPS 140-2 requirements
  2. Be validated by the joint NIST/CSEC Cryptographic Module Validation Program (CMVP)


Try Cerberus FTP Server free for 25 days

  • Live US-based phone & email support
  • Bulletproof reliability
  • Built for complete data control
  • Trouble-free enterprise deployment

Full Feature List

Cerberus FTP Server HIPAA Compliance Icon



Advanced Security

SSH, SSL, FIPS 140-2

MFT Automation

Event, Alert & Sync Tools

Cerberus FTP Server Automated File Transfer Event Manager Icon


Windows Server, Cloud & Virtual

Access Protection

IP, User & Protocol Restriction Tools

Account Management

AD, LDAP, 2FA, SSO & More

Auditing and Reporting

File Access, User and Admin Logging

Cerberus FTP Server Automated File Transfer Event Manager Icon

Administration Tools

API, Sync Manager, & Other Tools

HTTPS Web Portal

Browser-Based Transfer from Any Device

Monitoring & Testing

Automated Network, Load and Access Testing

Regulatory Compliance

Auditing, Retention, & Encryption Tools

Cerberus FTP Server Automated File Transfer Event Manager Icon

Award-Winning Support

Phone, Email, & 24/7/365

Industry-Focused Solutions

Cerberus FTP Server supports a wide range of industry and professional needs. Enhance data security, streamline operations, and ensure compliance with regulations.

Uncompromising Commitment To Customer Satisfaction

Top rated FTP Server for over 20 years
Unwavering dedication to security and compliance
Consistent product updates and security patches
World-class, experienced, US-based support via phone or email
G2 Logo



4.8 / 5

Capterra Logo



4.8 / 5

CNET Downloads Logo

CNET Download


4.8 / 5

Recognized as an industry-leading secure FTP server

Trusted by Companies Like Yours

Uncompromising Customer Satisfaction

Latest News

What is FIPS compliance? How does it affect secure file transfer?

Background: What is FIPS compliance?   FIPS compliance refers to the implementation of specific data security practices outlined under the National Institute of Standards and Technology (NIST)’s Federal Information Processing Standards (FIPS). These standards...

FTP server port management best practices

In the past, we’ve covered the basics of FTP port management in our overview of FTP and FTPS ports blog. However, there are several additional best practices to consider when managing FTP server ports. Let’s dive in. 1. Bulletproof your port forwarding  Cerberus FTP...

Explore what Cerberus FTP Server can do for you

  • 25 Day Free Trial
  • No Credit Card Required
  • Up and running in less than 15 mins