FIPS compliance in WPM
You can run WPM and other Orion Platform products in Federal Information Processing Standard (FIPS) mode to comply with computer security and interoperability standards used by non-military US government agencies and contractors. To enable FIPS on the Orion server, see Enable FIPS for Orion Platform products.
SolarWinds recommends enabling FIPS as part of a fresh WPM deployment instead of as part of an upgrade.
For full FIPS compliance, SolarWinds recommends enabling FIPS mode on remote machines where you create recordings and play back transactions by adjusting Windows OS settings on those machines. See Enable FIPS mode for WPM on remote systems for details.
Enabling FIPS mode can impact CPU and memory usage on remote systems, which may result in an increased number of Down transactions.
Note that some WPM features are not supported in FIPS mode, including:
- File uploads: No file is uploaded.
- File downloads: Playback may stop.
- Basic, NTLM, and Digest authentication: "401 Unauthorized" messages appear during playback.
- Client certificate validation
- Proxy authentication
- Save recordings to Pingdom: No Pingdom icon appears in the bottom of the recorder.
- TCP Waterfall charts: Time values for items that can't be accessed during playback, like web pages, appear as "0".
- Media streaming: Connections are blocked.
Recordings created in a non-FIPS environment (for example, in WPM 2019.4) may behave differently if played back in an environment where FIPS mode is enabled. The same is true for transactions based on those recordings . One or more of the following results can occur:
- Steps fail (for example, if they require NTLM authentication).
- Actions within steps either fail or are skipped (for example, files aren't uploaded).
- Transactions fail or return false-positive results in the Orion Web Console.