Before you install XProtect VMS on a FIPS enabled system

While new XProtect VMS installations can be done on computers that are FIPS-enabled, you cannot upgrade XProtect VMS when FIPS is enabled on the Windows operating system.

If you are upgrading, before you install, disable the Windows FIPS security policy on all of the computers that are part of the VMS, including the computer that hosts SQL Server.

The XProtect VMS installer checks the FIPS security policy and will prevent the installation from starting if FIPS is enabled.

But, if you are upgrading from XProtect VMS version 2020 R3 and after, you do not need to disable FIPS.

After you have installed the XProtect VMS components on all of the computers and prepared the system for FIPS, you can enable the FIPS security policy on Windows on all of the computers in your VMS.

For detailed information on how to configure your XProtect VMS to run in FIPS 140-2 compliant mode, see the FIPS 140-2 compliance section in the hardening guide.