Skip to main content

FIPS Compliance

If you are operating in a Federal system, your Kraken unit must meet the Federal Information Processing Standards (FIPS) 140-3. 

As of version 4.2, Kraken's default kernel is not certified by the Cryptographic Module Validation Program. In order to achieve FIPS compliance, you must switch from the kernel-lt to the Oracle Unbreakable Enterprise Kernel (UEK).  

Note

Please note that switching the kernel does not automatically configure all FIPS-required settings. To ensure your Kraken is FIPS compliant, contact Haivision support.

To switch your kernel: 

  1. Use the Kraken CLI via console or SSH, and run:

    CODE 
    sudo /opt/haivision/usr/bin/switch-kernel kernel-uek

Tip

To switch the kernel back to kernel-lt, run sudo /opt/haivision/usr/bin/switch-kernel kernel-lt.

Important

Systems having run STIG scripts are unable to revert back to previous versions of Kraken using the Mainline Linux kernel.

To revert back in this case, you must re-image the Kraken instance with an ISO restore, or re-deploy your VM from the original image. Before doing this, be sure to export any presets you would like to save.

  1. After the kernel has switched, reboot your Kraken.

  2. Once the switch to kernel-uek is complete, the GRUB menu title will be changed to Haivision Kraken release 4.2.0-### - UEK.

Important

If you are using kernel-lt, the GRUB menu title will be Haivision Kraken release 4.2.0-###.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close