Palo Alto Networks offers a vendor affirmed FIPS version of Cortex XSOAR. The vendor affirmed FIPS version, starting from version 6.2, uses a third-party software library, BoringCrypto, as a crypto module. The BoringCrypto module has been validated against FIPS 140-2, a U.S. and Canadian government standard used to approve cryptographic modules.
The vendor affirmed FIPS version of Cortex XSOAR can be used for single server deployments, multi-tenant deployments, and high availability deployments (single server or multi-tenant).
The vendor affirmed FIPS version of Cortex XSOAR has similar functionality, and supports the same operating systems, as the non-FIPS version of Cortex XSOAR.
Cortex XSOAR will, by default, install the standard version of Docker or Podman for your operating system. If you require the FIPS version of Docker or Podman instead, it must be installed prior to installing the vendor affirmed FIPS version of Cortex XSOAR.
The vendor affirmed FIPS version of Cortex XSOAR has the following limitations:
Upgrades between FIPS and non-FIPS certified versions are not supported, including database migrations, backups, and restores.
The FIPS version supports only engines installed on the Linux operating system