• jay.guillette (RSA SecurID)

    RSA Authentication Manager (AM) is delivered as a hardened and locked-down security appliance, in either hardware or virtual deployments, with a very limited security footprint. Modifications to the AM appliance are not supported.

     

    RSA invests in independent third-party audits and industry certifications to ensure that our products and processes meet or exceed the highest standards. Certification and audit examples include SOC2 Type 2, FedRAMP, CSA STAR, DoD STIG, and FIPS 140-2. For more information, refer to RSA Certifications and Compliance.

    https://rsa.com/secure/#certifications

     

    RSA hardware and virtual appliances include operating system and database components that are specially configured based on US Department of Defense (DOD) Security Technical Implementation Guides (STIG) hardening guidelines. Operating system and database patches are handled automatically and are included in RSA application software updates.

     

    All sensitive data is encrypted at rest on the virtual appliance using FIPS 140-2 compliant cryptography.

     

    AM uses TLS v1.2 or later, with ECDHE key agreement, 2048-bit RSA signatures, and AES 256-bit keys*, to secure data in transit.

     

    Please refer to the following for more detail:

     

    Understanding RSA Security, An overview of RSA security practices, operations, and controls.

    https://www.rsa.com/resources/reports/rsa-security-overview-practices-operations/

    aka security-overview-rsa-whitepaper.pdf

     

    RSA Authentication Manager 8.8 Security Configuration Guide

    https://community.rsa.com/s/article/RSA-Authentication-Manager-8-8-Security-Configuration-Guide

     

    Let us know of any follow-up questions.

     

    * The TLS Client Hello from the AM 8.8 appliance shows the following cipher suites offered, controlled in the java.security file.

          Cipher Suites (15 suites)

            Cipher Suite: TLS_AES_256_GCM_SHA384 (0x1302)

            Cipher Suite: TLS_AES_128_GCM_SHA256 (0x1301)

            Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (0xc02c)

            Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (0xc02b)

            Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)

            Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)

            Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 (0xc024)

            Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)

            Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 (0xc023)

            Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027)

            Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a)

            Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014)

            Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (0xc009)

            Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013)

            Cipher Suite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff)

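An added example (not part of the original post and not RSA tooling): a short Python parser for Wireshark-style `Cipher Suite:` lines like those quoted above, labelling each offered suite by key exchange, cipher mode, MAC and key size. The label names and the policy behind them are assumptions of this example, and the sample input is a constructed subset of the list in the post.

```python
import re

# Constructed sample: a subset of the ClientHello lines quoted in the post.
SAMPLE = """\
Cipher Suite: TLS_AES_256_GCM_SHA384 (0x1302)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027)
Cipher Suite: TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (0xc00a)
Cipher Suite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff)
"""

LINE = re.compile(r"Cipher Suite:\s+(TLS_\w+)\s+\(0x([0-9a-fA-F]{4})\)")
TLS13 = re.compile(r"TLS_AES_(128|256)_(GCM)_(SHA\d+)$")
TLS12 = re.compile(
    r"TLS_(?:(\w+?)_)?(RSA|ECDSA)_WITH_AES_(128|256)_(GCM|CBC)_(SHA\d*)$")

def parse(text):
    """Return one dict per suite found in 'Cipher Suite: NAME (0xNNNN)' lines."""
    suites = []
    for name, code in LINE.findall(text):
        entry = {"name": name, "id": int(code, 16)}
        if name.endswith("_SCSV"):
            entry["kind"] = "signal"  # signalling value, not a cipher suite
        elif (m := TLS13.match(name)):
            entry.update(kind="tls1.3", kx=None, bits=int(m[1]),
                         mode=m[2], hash=m[3])
        elif (m := TLS12.match(name)):
            entry.update(kind="tls1.2", kx=m[1], auth=m[2], bits=int(m[3]),
                         mode=m[4], hash=m[5])
        else:
            entry["kind"] = "unrecognised"
        suites.append(entry)
    return suites

def audit(suites):
    """Map suite name -> labels under this example's assumed policy."""
    report = {}
    for s in suites:
        if s["kind"] == "signal":
            continue
        if s["kind"] == "unrecognised":
            report[s["name"]] = ["unrecognised"]
            continue
        checks = [
            ("no-ecdhe", s["kind"] == "tls1.2" and s["kx"] != "ECDHE"),
            ("cbc-not-aead", s["mode"] == "CBC"),
            ("hmac-sha1", s["mode"] == "CBC" and s["hash"] == "SHA"),
            ("aes-128", s["bits"] < 256),
        ]
        report[s["name"]] = [label for label, hit in checks if hit]
    return report
```

Calling `audit(parse(text))` on the full 15-line list gives a per-suite view to compare against whatever cipher policy the connecting environment requires.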