HP VPN Firewall Appliances Access Control Configuration Guide

FIPS configuration
Feature and hardware compatibility
Overview
Federal Information Processing Standards (FIPS), developed by the National Institute of Standards and
Technology (NIST) of the United States, specify the security requirements for cryptographic modules. FIPS
140-2 defines four levels of security, simply named "Level 1" to "Level 4" from low to high. Currently, the
device supports Level 2.
Unless otherwise noted, FIPS in this document refers to FIPS 140-2.
Configuring FIPS
Prerequisites
To use FIPS mode, follow these steps:
1. Delete all MD5-based digital certificates.
2. Delete the DSA key pairs that have a modulus length of less than 1024 bits and all RSA key pairs.
3. Enable FIPS mode.
4. Enable the password-control function.
5. Configure the login user name and password. The password must comprise at least 8 characters and must contain uppercase and lowercase letters, digits, and special characters.
6. Configure the login user service-type.
7. Save the configuration and reboot the device.
After the reboot, the device operates in FIPS 140-2 mode. In terms of CC certification, this is
equivalent to operating according to the CC standard.
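The deletion and password prerequisites above can be checked against an exported inventory before the device is rebooted. The Python below is an added example, not HP tooling or code from this guide; the Cert and KeyPair records, the sample inventory and the reading of "special character" as ASCII punctuation are assumptions.

```python
import string
from dataclasses import dataclass

@dataclass
class Cert:
    name: str
    sig_alg: str   # signature algorithm, e.g. "md5WithRSAEncryption"

@dataclass
class KeyPair:
    name: str
    kind: str      # "rsa" or "dsa"
    bits: int      # modulus length in bits

def password_problems(pw):
    """Return the password rules from the prerequisites that pw fails."""
    checks = [
        (len(pw) >= 8, "shorter than 8 characters"),
        (any(c.isupper() for c in pw), "no uppercase letter"),
        (any(c.islower() for c in pw), "no lowercase letter"),
        (any(c.isdigit() for c in pw), "no digit"),
        # Assumption: "special character" means ASCII punctuation.
        (any(c in string.punctuation for c in pw), "no special character"),
    ]
    return [msg for ok, msg in checks if not ok]

def preflight(certs, keys, password):
    """List everything to fix before FIPS mode is enabled."""
    todo = []
    for c in certs:
        if "md5" in c.sig_alg.lower():
            todo.append(f"delete certificate {c.name} (MD5-based)")
    for k in keys:
        if k.kind.lower() == "rsa":            # the guide removes all RSA key pairs
            todo.append(f"delete RSA key pair {k.name}")
        elif k.kind.lower() == "dsa" and k.bits < 1024:
            todo.append(f"delete DSA key pair {k.name} ({k.bits} bits)")
    todo += [f"login password: {p}" for p in password_problems(password)]
    return todo

# Constructed inventory for illustration only.
CERTS = [Cert("local-old", "md5WithRSAEncryption"),
         Cert("local-new", "sha256WithRSAEncryption")]
KEYS = [KeyPair("hostkey", "rsa", 2048), KeyPair("dsa-a", "dsa", 768),
        KeyPair("dsa-b", "dsa", 1024)]

if __name__ == "__main__":
    for item in preflight(CERTS, KEYS, "admin123"):
        print("-", item)
```

An empty list from preflight means the deletion and password prerequisites are met; the remaining steps (enabling FIPS mode and password control, setting the service type, saving and rebooting) are still done on the device.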
Enabling FIPS mode
After enabling FIPS mode, you must restart the device for the configuration to take effect.
Follow these steps to enable FIPS mode:
To do…               Use the command…     Remarks
Enter system view    system-view          -
Enable FIPS mode     fips mode enable     Required. Not enabled by default.