FIPS Version - Administrator Guide - 6.5 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR Administrator Guide

Product
Cortex XSOAR
Version
6.5
Creation date
2022-09-28
Last date published
2024-11-12
End_of_Life
EoL
Category
Administrator Guide
Abstract

Cortex XSOAR offers a FIPS version of Cortex XSOAR, using a software library validated against FIPS 140-2.

Palo Alto Networks offers a vendor affirmed FIPS version of Cortex XSOAR v6.5. The vendor affirmed FIPS version, starting from version 6.2, uses a third-party software library, BoringCrypto, as a crypto module. The BoringCrypto module has been validated against FIPS 140-2, a U.S. and Canadian government standard used to approve cryptographic modules.

The vendor affirmed FIPS version of Cortex XSOAR can be used for single server deployments, multi-tenant deployments, and high availability deployments (single server or multi-tenant).

The vendor affirmed FIPS version of Cortex XSOAR has similar functionality, and supports the same operating systems, as the non-FIPS version of Cortex XSOAR.

Cortex XSOAR will, by default, install the standard version of Docker or Podman for your operating system. If you require the FIPS version of Docker or Podman instead, it must be installed prior to installing the vendor affirmed FIPS version of Cortex XSOAR.

The vendor affirmed FIPS version of Cortex XSOAR has the following limitations:

  • D2 agents and shared agents are not supported.

  • Upgrades between FIPS and non-FIPS certified versions are not supported, including database migrations, backups, and restores.

  • The FIPS version supports only engines installed on the Linux operating system