Coming soon: FIPS validation for Rocky Linux

What is FIPS? It stands for Federal Information
Processing Standards, and was developed by NIST
to validate and approve cryptography standards.

Rocky Linux reaches significant step in FIPS 140-3 validation process

We are excited to announce that Rocky Linux has reached a significant step in the FIPS 140-3 validation process; right on schedule, Rocky Linux is now named in the NIST Implementation Under Test (IUT) List. The IUT list allows us to point our stakeholders to this NIST-hosted list which shows that we are working with an approved lab for FIPS validation.

Why is FIPS validation important? FIPS standards establish requirements for ensuring computer security and interoperability, and are intended for cases in which suitable industry standards do not already exist. It’s required in many applications with high security requirements, such as in healthcare, government, defense, and financial environments. 

FIPS refers to any components in the technology stack that provide clear security functions as a module. A module can be implemented as a firmware, software, or hardware. FIPS is based on the concept that once a module has been certified, it is never changed. If it is changed, then it must be recertified. As a result, FIPS software modules are designed to be as tightly focused on the cryptographic components as possible, to ensure that changes that are not related to cryptography do not require a re-evaluation of the cryptography. FIPS 140-3 supersedes FIPS 140-2 and outlines updated federal security requirements for cryptographic modules.

The benefit to you: you can count on Rocky Linux for high-security applications and business processes. We look forward to receiving validation and being moved to the Validated Modules list!


Watch our webinar on Rocky Linux and Security to learn about FIPS certification, secure boot, and other security features of Rocky Linux.

Standard

  • User Effort
  • Self Help Full Access
  • 6:00 AM – 6:00 PM PT
  • Email, Chat, Phone
  • Response Time < 6 Hours
  • System Administration Effort

Advanced

  • User Effort
  • Self Help Full Access
  • 24 x 7
  • Email, Chat, Phone
  • Response Time < 2 Hours
  • System Administration Effort
  • Engineering/ Development Effort

Contact ciq

We’re here to enable and facilitate the needs of the community.

Whether you need help migrating, want to learn about our support options, or chat about specific solutions for your business, contact us and we’ll get back to you.