FIPS Compliance with Titan MFT Server

Question

How can I ensure FIPS Compliance with Titan MFT Server in my Windows environment?

Answer

Titan MFT Server can meet FIPS Compliance requirements. There are configuration items within Titan MFT Server to consider, as well as Operating System configurations to ensure on the system running Titan.

Pre-requisites

1. Titan MFT Server installed on a compatible Windows Server system

2. Titan MFT Server Administrator Account created and credentials available

3. Active Trial or License for Titan MFT Server use

4. Access and Permissions to make changes to Windows environment, including registry and policies

Steps

1. Login to the Titan Server Administrator using valid credentials

2. Navigate to the specific Services that are to be used in Titan (e.g. FTPS, SFTP, HTTPS)

1. Enable the setting to “Enable FIPS Compliance…” for each of the Services of interest. Choose “Apply”.

1. NOTE: This option ensures the encryption methods enabled within Titan are all FIPS compliant, and any non-compliant options will be disabled.

2. Screenshots attached as reference

2. If preferring to not use the “Enable FIPS Compliance…” option, ensure that under the SFTP settings in Titan, the Ciphers, MACs, and Key Exchanges in use are all FIPS Compliant, and be sure to disable weak options.

1. For FTPS and HTTPS (TLS) Services, verify these options at the Windows level: Verifying and Configuring TLS Settings for Windows Server

3. Review links from Windows regarding ensuring OS is FIPS Compliant:

1. Link: Windows FIPS 140 Validation for Operating Systems

2. Link: Windows Server 2019 FIPS 140 Validation

4. See attached documentation with additional recommendations for configuration and use of Titan Server.

Related to: Titan MFT Server – Current versions