In 2001, NIST‘s Federal Information Processing Standard (FIPS) publication 140-2 established a security standard for cryptographic modules used by the U.S. federal government in the collection, storage, transfer, sharing and dissemination of sensitive information. Most federal agencies and regulated industries must comply with the FIPS 140-2 standard by law, and all products sold to the federal government that use cryptographic modules must be FIPS 140-2 validated.
Meets all FIPS 140-2 cryptographic requirements
Certified by NIST/CSEC’s Cryptogaphic Module Validation Program
What Organizations Require FIPS-Compliant File Transfer?
The organizations below are required to use FIPS-compliant cryptography by law:
- U.S. federal and state government agencies that deal with citizens’ private information
- The U.S. military and its vendors working with sensitive but unclassified data
- Vendors, suppliers and third parties selling cryptographic modules to the federal government or using these modules in support of their services
Industries that deal with sensitive data requiring high levels of privacy for regulatory or security reasons will often require the FIPS 140-2 standard as well. These industries include:
- Financial institutions
- Information-processing vendors
- Healthcare-related organizations that fall under HIPAA regulation
- Educational institutions
However, the FIPS 140-2 standard can be used any organization that wishes to transfer files securely, safeguard business data, and protect its most critical information.
What Does it Mean to be FIPS 140-2 Compliant?
A FIPS-validated solution must use cryptographic algorithms and hash functions that meet the FIPS requirements. Specifically, a FIPS-validated solution must:
- Use algorithms and hash functions approved by FIPS 140-2
- Be validated by the joint NIST/CSEC Cryptographic Module Validation Program (CMVP)
Cerberus FTP Server FIPS 140-2 Compliance
Cerberus FTP Server uses an embedded FIPS 140-2-validated cryptographic module (Certificate #3503 using KeyPair FIPS Object Module for OpenSSL) for all cryptographic operations and meets federal cryptographic requirements with FIPS 140-2 validated cryptography up to 256-bit AES encryption over SSL and SSH.
Full Feature List
Cerberus FTP Server Editions
- FTP/S Server
- SOAP control API
- IP auto-banning
- User groups
- Web administration
- Virtual directories
$499 | 1 Yr Maintenance
- SFTP server
- AD/LDAP integration
- Public key authentication
- Client certificate verification
- Server replication
$899 | 1 Yr Maintenance
- MFT server
- HTTPS web client
- Event automation
- Email alerts
- File retention policies
- Ad-hoc sharing
$2,199 | 1 Yr Maintenance
Raved and Reviewed
Here’s what a few of our many satisfied customers have to say about Cerberus FTP Server.
“Our users have found Cerberus to be straightforward. We have handled many service tickets over the past three years, and Cerberus has had the least number of issues, by far.”
“We’ve been using Cerberus for at least five years, and it’s been awesome. Everything’s been very simple and easy, and we haven’t come across any limitations. It always just seems to work.”
“It’s not designed to be complicated, and it doesn’t need to be managed. I can hire someone new and they can be up to speed in minutes. Everyone on the team loves it.”
As part of our continuous effort to pursue security best practices, Cerberus FTP Server now issues a security warning when a RSA public key uses a weak, FIPS-invalid exponent. Once Cerberus moves to OpenSSL 3, if you have FIPS enabled and you have SFTP users with RSA...
Cerberus FTP is pleased to announce an update to our file extension management: the ability to set an allowed extension list! This feature allows administrators to restrict all file uploads except those with specific extensions. About the New Feature Cerberus FTP...
Critical Security Advisory A critical security issue has been identified in Cerberus FTP Server. We urge customers to download version 12.7.4 and upgrade as soon as possible. Scope All editions (Enterprise, Professional, Standard) of Cerberus FTP Server are...