How do I enable FIPS on Exchange 2010 running on Server 2008 R2

We have a new client that will nto begin trasnmission of data until we can assure them we meet FIPS compliance for email and FTP.

We run exchange 2010 on server 2008 R2. Our FTP server is running SSH ( will this count for FIPS)?
manelson05Asked:
Who is Participating?
 
btanExec ConsultantCommented:
Maybe relevant
 http://blogs.technet.com/b/exchange/archive/2010/08/30/3410867.aspx

 When will Exchange Server 2010 support FIPS compliance? 
Exchange Server 2010 SP1 provides for the ability to disable algorithms which are not FIPS 140-2 compliant. These algorithms are used for encryption, hashing, and signing within the Windows Server 2008 and Windows Server 2008 R2 operating systems that support Exchange Server 2010. When the System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing setting is enabled in a Group Policy or Local Policy, it disables the use of non-FIPS compliant algorithms such as RC-4. In Exchange 2010 RTM, it caused certain functions to fail. The most notable issue was in Outlook Web App (OWA), as documented in Microsoft Knowledge Base Article KB977961
, and in the web-based Exchange Control Panel (ECP).
0
 
manelson05Author Commented:
We currently run OWA using SSL and many of the phones use OWA to fetch calendar and mail.
0
 
Hendrik WieseInformation Security ManagerCommented:
Exchange 2010 SP1 does support the FIPS Algorithms.

You can confirm it here: http://www.networksteve.com/?p=2841
0
KuppingerCole Reviews AlgoSec in Executive Report

Leading analyst firm, KuppingerCole reviews AlgoSec's Security Policy Management Solution, and the security challenges faced by companies today in their Executive View report.

 
btanExec ConsultantCommented:
This wil be useful and I understand exchange is using rdp for comms and even outlook anywhere which encapsulate it by http which is secured with ssl/tls. As for ssh, I have reservagion as it does not seems to fall within the supported list stated in the link.
 http://technet.microsoft.com/en-us/library/cc750357.aspx
0
 
manelson05Author Commented:
Any data on configuring it? We have Exchange Sp1 running, with SSL 1024, but I know this is not the same. Am I going to need specific hardware before anything is configured? Having a difficult time finding resources on configuring Exchange to meets FIPS requirements as well as OWA and all phones that use it.
0
 
Hendrik WieseInformation Security ManagerCommented:
The link I posted has a couple of links, did you have a look at them?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.