Skip to content

Security and Compliance Overview

This section describes how RLC Pro Hardened addresses security requirements and compliance obligations. It includes details on FIPS 140-3 certification, security profiles, compliance reports, and scripts to help verify your environment.

FIPS 140-3 Certification

RLC Pro Hardened ships with FIPS 140-3 validated cryptographic modules certified through the NIST Cryptographic Module Validation Program (CMVP). FIPS certification ensures that specific cryptographic modules meet federal standards for protecting sensitive data.

  • Validated Modules: View the list of NIST-certified cryptographic modules included in RLC Pro Hardened.
  • Enabling FIPS Mode: Instructions for enabling FIPS mode at install time or on an existing system.

Security Profiles

Security profiles provide system-wide hardening configurations that align with industry and government security benchmarks. Unlike FIPS (which certifies individual cryptographic modules), security profiles apply broad configuration policies across the entire system.

  • DISA STIG: Defense Information Systems Agency Security Technical Implementation Guides for DoD environments.
  • CIS Benchmarks: Center for Internet Security configuration baselines for general-purpose hardening.

Verification Scripts

  • Scripts: Predefined scripts to help administrators check compliance status on deployed systems.