FIPS 140-2 Compliance
The Federal Information Processing Standard (FIPS) publication 140-2 sets out security requirements for cryptographic modules, including a laboratory validation program to approve them.
Redgate Monitor does not itself implement any cryptographic functions, instead relying on Microsoft-provided libraries which are part of the .NET Framework. Since Redgate Monitor 9.1.3, only cryptographic libraries which have been validated by Microsoft for use in FIPS environments are used by Redgate Monitor.
Redgate Monitor is therefore suitable for use in FIPS environments, including Windows environments where the System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing setting has been enabled.
Steps for earlier versions of Redgate Monitor
This issue can be resolved by turning FIPS compliance off. This can be done in the Local Security Policy (however if you are in a Domain this might be overridden by Group Policies, so you might need to speak to your Windows System Administrator).
Microsoft no longer recommend FIPS mode as detailed here.
If turning FIPS off is not an option you should be able to workaround this by editing the xml file:
C:\Program Files (x86)\Common Files\Red Gate\Shared Client\RedGate.Client.Service.exe.config
and adding the following under <configuration> <runtime> tags:
<enforceFIPSPolicy enabled="false"/>
See also:
https://learn.microsoft.com/en-us/compliance/regulatory/offering-fips-140-2
Was this article helpful?
Articles in this section
- Redgate Monitor migration guide to version 14
- "Your browser does not seem to be accepting cookies." error message
- Setting up OpenID Connect (OIDC) with Entra ID in Redgate Monitor
- Proxy Configuration in Redgate Monitor
- WMI error after DCOM hardening patch
- Redgate Monitor alert tuning
- Redgate Monitor set up for optimal performance
- Redgate Monitor Base Monitor Service Account
- Configuring Metrics and Alerts in Redgate Monitor
- Getting started with Redgate Monitor