Ransomware attackers specifically target and attempt to destroy backup systems to increase the probability of payment. Hardening your system is critical. Please ensure you have reviewed your platform security using the Security Hardening Checklist
Cohesity

COHESITY Documentation

Explore our documentation to get started, discover products & new features, access troubleshooting guides, register sources, platforms support.

Products
Data Security Alliance
Visit Cohesity.com
Demos
Support
Blogs
Developers
Partner Portals
Cohesity Community
© 2026 Cohesity, Inc. All Rights Reserved.
Terms of Use|
Privacy Policy|
Legal|
  1. Home
  2. NetBackup and NetBackup Appliances Hardening Guide
  3. Steps to protect NetBackup Flex Scale
  4. FIPS overview for NetBackup Flex Scale
NetBackup and NetBackup Appliances Hardening Guide

FIPS overview for NetBackup Flex Scale

The Federal Information Processing Standards (FIPS) define U.S. and Canadian Government security and interoperability requirements for computer systems. The National Institute of Standards and Technology (NIST) issued the FIPS 140 Publication Series to coordinate the requirements and standards for validating cryptography modules. The FIPS 140-2 standard specifies the security requirements for cryptographic modules and applies to both the hardware and the software components. It also describes the approved security functions for symmetric and asymmetric key encryption, message authentication, and hashing.

For more information about the FIPS 140-2 standard and its validation program, see the following links:

https://csrc.nist.gov/csrc/media/publications/fips/140/2/final/documents/fips1402.pdf

https://csrc.nist.gov/projects/cryptographic-module-validation-program

The NetBackup Flex Scale Cryptographic Module is FIPS validated. Starting with NetBackup Flex Scale 3.5, FIPS 140-2 standard is enabled with the default factory settings for the Veritas Optimized Operating System (VxOS). After FIPS for VxOS is enabled, the sshd uses the following FIPS approved ciphers:

  • aes128-ctr

  • aes192-ctr

  • aes256-ctr

The FIPS 140-2 standard is enabled for NetBackup MSDP when you create a NetBackup Flex Scale cluster.

Note:

You cannot disable the FIPS option for VxOS or for NetBackup MSDP.

Starting with NetBackup Flex Scale version 3.2, the application layer is FIPS-compliant.

Feedback

Was this page helpful?
Previous

Viewing the NetBackup Flex Scale STIG status

Next

Viewing the NetBackup Flex Scale FIPS status

Feedback

Was this page helpful?