Federal Information Processing Standards (FIPS) are standards and guidelines issued by the National Institute of Standards and Technology (NIST) for federal government computer systems.
WebSphere® Process Server and WebSphere Enterprise Service Bus rely on IBM® WebSphere Application Server for all cryptographic functions, which are compliant with Federal Information Processing Standards.
FIPS are developed when there are compelling federal government requirements for standards, such as for security and interoperability, but acceptable industry standards or solutions do not exist. Government agencies and financial institutions use these standards to ensure that the products conform to specified security requirements. For more information about these standards, see the National Institute of Standards and Technology at http://www.nist.gov/.
WebSphere Application Server integrates cryptographic modules including Java™ Secure Socket Extension (JSSE) and Java Cryptography Extension (JCE), which have undergone FIPS 140-2 certification. In the WebSphere Application Server documentation, the IBM JSSE and JCE modules that have undergone FIPS certification are referred to as IBMJSSEFIPS and IBMJCEFIPS.
For more information, see "Configuring Federal Information Processing Standard Java Secure Socket Extension files" in the WebSphere Application Server information center. When you enable FIPS, several components of the server are affected including the cipher suites, the cryptographic providers, the load balancer, the caching proxy, the high availability manager, and the data replication service.