In the section:
The SBC 11.1 complies with the FIPS-140-2 standard. This feature enhances the SBC's FIPS Object Module and introduces known answer tests for cryptographic algorithms FFC (Diffie-Hellman), SSH-KDF, and TLS-KDF for the new FIPS standard FIPS-140-2 to perform as known answer tests during the Power-On Self Tests (POSTs). These tests are added to the OpenSSL FIPS object module implementation.
Command Syntax
% set system admin <SYSTEM NAME> fips-140-2 mode <disabled | enabled>
Command Parameters
Parameter | Description |
|---|---|
fips-140-2 mode | Use this object to enable FIPS-140-2 mode.
NOTE: Once fips-140-2 mode is enabled, it cannot be 'disabled' through the configuration. A fresh software installation is required to set the FIPS-140-2 mode back to 'disabled'. |
Configuration Example
set system admin vsbcSystem fips-140-2 mode enabled
Overview
Content Tools