Loading

FIPS 140-2 compliance

Self-Managed

The Federal Information Processing Standard (FIPS) Publication 140-2, (FIPS PUB 140-2), titled "Security Requirements for Cryptographic Modules" is a U.S. government computer security standard used to approve cryptographic modules.

  • Elasticsearch offers a FIPS 140-2 compliant mode and as such can run in a FIPS 140-2 configured JVM.
  • Kibana offers a FIPS 140-2 compliant mode and as such can run in a Node.js environment configured with a FIPS 140-2 compliant OpenSSL3 provider.
  • Some Ingest tools, including Elastic Agent, Fleet, Filebeat, Metricbeat, and APM Server, are available as FIPS compatible binaries and can be configured to use FIPS 140-2 compliant cryptography.
Note

If you are running Elasticsearch through Elastic Cloud on Kubernetes, refer to ECK FIPS compatibility.

FIPS compliance is not officially supported in Elastic Cloud Enterprise (ECE). While ECE may function on FIPS-enabled systems, this configuration has not been validated through our testing processes and is not recommended for production environments.