There are several important things to take into consideration if you plan to operate in FIPS 140-2 mode:

  • When the FIPS 140-2 mode is selected (enabled), prompts users for the web interface user credentials to log into the console application.
  • If is being installed on an operating system that is currently running in FIPS140-2 mode, detects the FIPS compliant operating system and automatically places in FIPS 140-2 mode upon initial installation and start-up.However, if is installed on an operating system that is not running in the FIPS compliant mode and the operating system has the FIPS compliant mode enabled after a install occurs, then you must manually enable the Operate in FIPS 140-2 mode option in the console application Program Options General dialog.
  • If you plan to use FIPS 140-2, we recommend that you use credentials and SSL certificates that use strong encryption.
  • If you plan to use FIPS 140-2, make sure that devices with SSH-based monitoring are configured to use SSHv2.
  • SNMPv3 credentials using MD5 and/or DES56 are prohibited; you are unable to enable FIPS if SNMPv3 credentials using MD5 and/or DES56 exist in the Credentials Library. You must modify or remove such credentials in order to enable FIPS.

The following may occur when you try to enable FIPS 140-2 mode in the Program Options dialog:

If a message is presented that you have non-compliant SNMPv3 credentials:

This option is disabled because the SNMPv3 credentials are not FIPS compliant. Go to the Credentials Library to edit or remove the SNMP credentials. After editing or removing credentials, you can enable this option in the Program Options dialog.

For more information about the FIPS 140-2 specification, see the U.S. Department of Commerce documentation.