FIPS compliance
Find out how IBM Cloud Pak® for Integration can be implemented in a Federal Information Processing Standards (FIPS)-compliant manner.
Requirements
To ensure FIPS compliance:
Deploy Cloud Pak for Integration on a FIPS-enabled Red Hat® OpenShift® Container Platform cluster. The cluster is configured in a "FIPS wall". For more information see Configuring FIPS support on OpenShift.
Confirm that the cluster has encryption of data that uses FIPS 140-3.
In the following "Instances" section, review the documentation for each instance type that you intend to deploy. Determine which features may require special considerations to be compliant or cannot be used in a FIPS-compliant manner.
Instances
Review the FIPS compliance of Cloud Pak for Integration instances:
Platform UI, see Platform UI FIPS compliance.
API management, see API management FIPS compliance.
Aspera High-speed Transfer Server (HSTS) is fully compliant with FIPS.
Automation assets, see Automation Assets FIPS compliance.
Integration assemblies: You can use integration assemblies to deploy and manage multiple instance types. To implement an integration assembly in a FIPS-commpliant manner, follow the FIPS requirements for each instance type in your assembly.
Declarative APIs and declarative API products, see Declarative API and declarative API Product FIPS compliance.
Enterprise gateway is not FIPS compliant and cannot be deployed in a FIPS wall.
Event Endpoint Management, see Event Endpoint Management.
Kafka cluster, see Event Streams.
Queue manager, see FIPS compliance for IBM MQ in containers.
Red Hat OpenShift Container Platform, see Support for FIPS cryptography.