Unsolved
This post is more than 5 years old
37 Posts
0
785
Symauth FIPS 140-2 compliance?
Currently working on a VMAX in DMZ solution and looking for some information.
I'm trying to track down documentation on our Symauth feature being FIPS compliant to share with my customer, anyone know where i can find this. The context of the discussion I have been having is below, just need to evidence it somehow.
"Symauth is based on user and group access, rather than host based such as SymACL. As long as users on a compromised system as defined in the symauth database are restricted to specific hosts such as defined by H:group/user, rather than defined by a more general user or group, the system will remain secure from a management perspective regardless of gatekeeper or symcli/symapi availability. The userauth feature is FIPS-140-2 compliant from a certification perspective."
Many Thanks
Craig