New Question
 
 
PRTG Network Monitor

Intuitive to Use.
Easy to manage.

200.000 administrators have chosen PRTG to monitor their network. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free PRTG
Download >>

 

What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general. You are invited to get involved by asking and answering questions!

Learn more

 

Top Tags


View all Tags


Is PRTG and its protocols FIPS 140-2 compliant?

Votes:

0

Your Vote:

Up

Down

Hello,

Recently in my company's infrastructure we have found the need to meet FIPS 140-2 compliance standards. We are currently using Nagios for monitoring which is far from adequate and is not compliant. I wanted to know whether or not PRTG meets these standards. I know Nagios was using plain text for monitoring and I want to find a better solution, and I have used PRTG before and was considering it. Can anyone answer this? I believe off the top of my head it requires all data to be encrypted at 128-bit or better, must not use the RC4 cipher or SSLv3.

compliance fips secure

Created on Sep 15, 2015 6:54:49 PM by  joshmonger (0) 1



3 Replies

Votes:

0

Your Vote:

Up

Down

Hi Josh,

We are constantly improving the security of PRTG and we are implementing technologies, which allow a secure monitoring. If those protocols are supported by the target devices, PRTG will also be able to encrypt the communication.

The webserver of PRTG already allows only 'state-of-the-art' encryption (new TLS protocols, newest Ciphers). PRTG is also checked by third party service providers who perform regular penetration tests. We of course want to protect our customer's data, but we do not intent to get a certification.

Best regards, Felix

Created on Sep 25, 2015 8:21:22 AM by  Felix Saure [Paessler Support]



Votes:

0

Your Vote:

Up

Down

Does that mean that PRTG is not FIPS 140-2 compliant? If that is the case, how can it be accepted by government organizations that are requiring FIPS 140.2?

Created on Dec 9, 2015 4:33:40 PM by  OpsManager (0)



Votes:

0

Your Vote:

Up

Down

Hello,

As mentioned before, PRTG already complies with many specifications of the FIPS 140.2 certification, but currently there are no plans to get PRTG Network Monitor certified, sorry.

Kindly follow this link to see which security features PRTG offers.

Best regards, Felix

Created on Dec 10, 2015 6:30:59 AM by  Felix Saure [Paessler Support]



Please log in or register to enter your reply.


Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.