You can use the Administrative Console to configure a Reflection X domain to run in FIPS mode.
When Reflection X is configured to run in FIPS mode it enforces the United States government Federal Information Processing Standard (FIPS) 140-2. All available settings use security protocols and algorithms that meet this standard. Options that do not meet these standards are not available, and only the Secure Shell connection method can be used to start X clients.
The United States government's Federal Information Processing Standard (FIPS) 140-2 specifies security requirements for cryptographic modules. Cryptographic products are validated against a specific set of requirements and tested in 11 categories by independent, US government-certified testing laboratories. This validation is then submitted to the National Institute of Standards and Technology (NIST), which reviews the validation and issues a certificate. In addition, cryptographic algorithms may also be validated and certified based on other FIPS specifications. The list of certified products and the vendor's stated security policy (the definition of what the module has been certified to do) can be found at: http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm.
NOTE:Important note: If you are configuring Reflection X to use FIPS mode, you should ensure that you are running a version that has met all FIPS 140-2 standards. Contact Micro Focus Technical Support for more information.