What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general.

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
More than 500,000 users rely on Paessler PRTG every day. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags


View all Tags

Is PRTG and its protocols FIPS 140-2 compliant?

Votes:

-1

Hello,

Recently in my company's infrastructure we have found the need to meet FIPS 140-2 compliance standards. We are currently using Nagios for monitoring which is far from adequate and is not compliant. I wanted to know whether or not PRTG meets these standards. I know Nagios was using plain text for monitoring and I want to find a better solution, and I have used PRTG before and was considering it. Can anyone answer this? I believe off the top of my head it requires all data to be encrypted at 128-bit or better, must not use the RC4 cipher or SSLv3.

compliance fips secure

Created on Sep 15, 2015 6:54:49 PM



3 Replies

Votes:

0

Hi Josh,

We are constantly improving the security of PRTG and we are implementing technologies, which allow a secure monitoring. If those protocols are supported by the target devices, PRTG will also be able to encrypt the communication.

The webserver of PRTG already allows only 'state-of-the-art' encryption (new TLS protocols, newest Ciphers). PRTG is also checked by third party service providers who perform regular penetration tests. We of course want to protect our customer's data, but we do not intent to get a certification.

Best regards, Felix

Created on Sep 25, 2015 8:21:22 AM by Felix Saure [Paessler Support]



Votes:

0

Does that mean that PRTG is not FIPS 140-2 compliant? If that is the case, how can it be accepted by government organizations that are requiring FIPS 140.2?

Created on Dec 9, 2015 4:33:40 PM



Votes:

0

Hello,

As mentioned before, PRTG already complies with many specifications of the FIPS 140.2 certification, but currently there are no plans to get PRTG Network Monitor certified, sorry.

Kindly follow this link to see which security features PRTG offers.

Best regards, Felix

Created on Dec 10, 2015 6:30:59 AM by Felix Saure [Paessler Support]




Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.