FIPS transfer mode

For client-initiated file transfers using the AS2 (SSL), FTPS, HTTPS, PeSIT (SSL, legacy SSL), or SSH (SFTP and SCP) protocols, you can restrict the Axway SecureTransport Server to use only FIPS 140-2 Level 1 certified cryptographic libraries. This requires the sender and the recipient (clients and partner servers) to use only approved algorithms, ciphers, and cipher suites, and ensures that the entire transfer is secure at FIPS 140-2 Level 1.

Note: Because Axway Secure Client firewall-friendly Tunnel Mode uses SSL v3, you cannot use it for FTPS in FIPS transfer mode.

For the relevant protocols, you can select Enable FIPS Transfer Mode on the Server Control page or on the Add Transfer Site or Edit Transfer Site page.

For client-initiated transfers, see Server control.

Note: Enabling FIPS transfer mode for a protocol server causes transfers to fail if the client that uses that server does not provide the required FIPS cipher or cipher suite.

For server-initiated transfers, see Transfer sites.

Note: Enabling FIPS Transfer Mode for an existing transfer site causes transfers to fail if the other server does not provide the required cipher or cipher suite.

The following topics describe the FIPS certified cryptographic libraries and list the required ciphers and cipher suites:

