Setting Modes of Operations
The following table lists the relevant configuration parameters and the values permitted for FIPS mode.
Configuration Parameters and Values for FIPS Mode
|
INI File Parameter |
Permitted Value |
Comment |
|---|---|---|
|
[EnforcePasswordComplexity] |
1 |
Enforces device validation that passwords are composed of at least two characters from each of the four groups (uppercase, lowercase, digits and special characters). This also means that passwords must be at least eight characters in size. |
|
[HTTPSOnly] |
1 |
Enforces only HTTPS connectivity with the device's management interface (Web and REST API). |
|
[TelnetServerEnable] |
0 |
Enables SSH access to the device's CLI on port 22 (default). Telnet access must be blocked. |
|
[HASecuredConnectivityMode] |
1 |
When the device is configured to operate as an HA system (1+1), the Maintenance link must be configured to be secured. |
| ➢ | To apply these parameter settings to the device: |
| 1. | Create a text file (using any text-based tool such as Notepad) with the configuration settings, as shown below: |
; Setting Password Complexity EnforcePasswordComplexity = 1 ; Secured WEB/REST access HTTPSOnly = 1 ; Allow only secured CLI access (SSH) TelnetServerEnable = 0 ; Set Maintenance Interface to be secured (for HA systems only) HASecuredConnectivityMode = 1
| 2. | Save the file as an .ini file (e.g., device.ini). |
| 3. | Upload the file to the device through the Web interface (see Downloading or Uploading ini File). |
Once the file is uploaded, the device restarts and is accessible only through HTTPS / SSH.