Introduction

Provide protection against malware entering the network via Web channels, such as HTTP, HTTPS, and FTP.
Perform real-time content analysis to discover malware and hidden threats.
Can monitor traffic that uses any of more than 100 protocols.
Provide highly-granular and flexible control of Internet access to enforce the precise requirements of an organization’s Acceptable Use Policy (AUP)

Forcepoint Web protection solutions protect against advanced web-based threats and data theft while on and off the corporate network. These solutions include server software installed on corporate servers and software installed on client’s computers.

These products use cryptographic modules to protect the integrity of the data they collect while that data is being transmitted and stored. National Institute of Standards and Technology (NIST) in the Federal Information Processing Standards (FIPS) Publication 140-2 defines security requirements for cryptographic modules. Forcepoint C Cryptographic Module and Forcepoint Java Cryptographic Module were certified by NIST under the Cryptographic Module Validation Program. The official publication describing this standard is FIPS PUB 140-2.

Forcepoint FIPS 140-2 certificates are available:

Forcepoint C Cryptographic Module version 2.0.5 (Web protection solutions and Appliances)
Forcepoint Java Cryptographic Module version 3.0.1 (Web Protection solutions)

All libraries will be in place and incorporated into the product after installation of a patch. See this article for information and instructions.

Additional details on the specific use of these modules are provided below.

Note: This document applies to the Forcepoint Web Security system after a manual FIPS hardening procedure has been performed. See the attachment in this article for details.