IBM Tivoli Monitoring > Version 6.3 Fix Pack 2 > Installation Guides > Agent Installation Guides > UNIX Agent Installation Guide > Agent installation and configuration
IBM Tivoli Monitoring, Version 6.3 Fix Pack 2
Complying with FIPS requirements
The monitoring agent complies with the Federal Information Processing Standard (FIPS) 140-2. This computer security standard requires stronger checksum algorithms (for example, SHA-256 and SHA-512) when you define situations for checking file changes.
To enforce compliance at the agent, specify checksum algorithms with the KDEBE_FIPS_MODE_ENABLED environment variable in the ux.ini file. Table 1 lists the supported algoritms for each setting of the environment variable.
Setting the environment variable KDEBE_FIPS_MODE_ENABLED
Environment variable setting CRC32 MD5 SHA - 1 SHA - 256 SHA - 512 KDEBE_FIPS_MODE_ENABLED not set default allowed allowed allowed allowed ("Long Checksum" attribute) KDEBE_FIPS_MODE_ENABLED=yes N/A N/A default allowed allowed ("Long Checksum" attribute) KDEBE_FIPS_MODE_ENABLED=sp800-131a N/A N/A default allowed allowed ("Long Checksum" attribute) KDEBE_FIPS_MODE_ENABLED=suiteb128 N/A N/A N/A default allowed ("Long Checksum" attribute) KDEBE_FIPS_MODE_ENABLED=suiteb192 N/A N/A N/A default allowed ("Long Checksum" attribute)
Create a situation on the File Information group that specifies a File Name, a Path, and File Content Changed = YES. Optionally, add a checksum algorithm-specific value to the situation definition to change the defaults. The situation fires when the file content is changed. The value of the computed file checksum is reported in the situation details. This value is in the "Checksum" attribute or "Long Checksum" attribute. The "Long Checksum" attribute also supports the longer checksum value of the SHA-512 algorithm.
Parent topic:
Agent installation and configuration