Include Page |
---|
| _FIPS_Releases |
---|
| _FIPS_Releases |
---|
|
Use the Fips-140-2 window to enable FIPS-140-2 mode.
The
supports FIPS 140-2 level 1 certification for its cryptographic modules. It implements FIPS 140-2 Level 1 validated cryptographic hardware modules and software tool kits and operates this module in FIPS 140-2 approved mode for all cryptographic operations.
...
...
FIPS compliant operating mode is a mode of system operation that is fully compliant with FIPS-140-2 at security level 1+. Putting the system in FIPS-140-2 operating mode requires enabling the fips-140-2 mode
parameter as well as configuring other parameters. To set the FIPS mode to enabled via CLI after logging in, the Administrator must execute the following commands:
Note |
---|
As per FIPS 140-2 standards, Critical Security Parameters (CSPs) cannot be transferred from non-FIPS to FIPS mode. So, after enabling FIPS mode, the Operator must install new TLS certificates for EMA/PM to be operational. Sonus recommends that current encrypted parameters be backed up in plaintextplain text, if possible. A full configuration backup should also be performed immediately after this action has successfully completed.
|
To enable Fips-140-2 mode
- On the SBC main screen, go
...
- to Administration
...
- > Users and Application Management
...
- > Fips-140-2. The Fips-140-2 window opens.
In Admin, select the name of the SBC system. The Edit Fips-140-2
...
options open.
Caption |
---|
0 | Figure |
---|
1 | Users and Application Management - Fips-140-2 |
---|
|
Image Added |
...
- Use the Mode option to enable Fips-140-2 mode.
Caption |
---|
0 | Table |
---|
1 | Users and Application Management - Fips-140-2 |
---|
|
|
Parameter | Description |
---|
Mode
| Note |
---|
Once fipsFips-140-2 mode has been enabled, it cannot be 'disabled' through configuration. A fresh software install that discards all prior state is required to set the FIPS-140-2 mode to 'disabled'. |
The options are: enabled - disabled Disabled (default)
- Enabled
|