Users Guide
The following features/applications support FIPS.
• Web GUI
• RACADM
• WSMan
• SSH v2
• SMTP
• Kerberos
• NTP Client
• NFS
NOTE: SNMP is not FIPS-compliant. In FIPS mode, all SNMP features except Message Digest algorithm version 5 (MD5)
authentication work.
Enabling FIPS Mode Using CMC Web Interface
To enable FIPS:
1 In the left pane, click Chassis Overview.
The Chassis Health page is displayed.
2 On the menu bar, click Network.
The Network Conguration page is displayed.
3 Under the Federal Information Processing Standards (FIPS) section, from the FIPS Mode drop-down menu, select Enabled.
A message is displayed that enabling FIPS resets CMC to the default settings.
4 Click OK to proceed.
Enabling FIPS Mode Using RACADM
To enable FIPS mode, run the following command:
racadm config –g cfgRacTuning –o cfgRacTuneFipsModeEnable 1
.
Disabling FIPS Mode
To disable FIPS mode, reset CMC to the default factory settings.
Conguring Services
You can congure and enable the following services on CMC:
• CMC serial console — Enable access to CMC using the serial console.
• Web Server — Enable access to CMC web interface. Disabling the web server also disables Remote RACADM.
• SSH — Enable access to CMC through rmware RACADM.
• Telnet — Enable access to CMC through rmware RACADM
• RACADM — Enable access to CMC using RACADM.
• SNMP — Enable CMC to send SNMP traps for events.
• Remote Syslog — Enable CMC to log events to a remote server. To use this feature, you must have an Enterprise license.
CMC includes a web server that is congured to use the industry-standard SSL security protocol to accept and transfer encrypted data
from and to clients over the Internet. The web server includes a Dell self-signed SSL Digital Certicate (Server ID), and is responsible for
Conguring
CMC 87