IBM Support

How to determine if FIPS is enabled on Security Network IPS

Question & Answer


Question

How can you determine if FIPS mode is enabled on the Security Network IPS (GX) appliance?

Answer

By default, the messages file might contain lines like the following:

sshd[19684]: FIPS mode enabled

These "FIPS mode enabled" messages are normal and cannot be disabled. They indicate that the IPS is running encryption protocols and settings that conform to FIPS requirements. However, the message is not an indicator that FIPS mode is actually deployed. FIPS mode is running only if it was configured during the initial setup of the appliance.

To verify if FIPS mode is configured and running, follow either set of instructions below:

From CLI
  1. SSH to the device as root.
  2. Run the following command:
    service issFIPS status
  3. If FIPS is actively deployed, you see the following:
    Checking for issFipsd: running
    If FIPS is not actively deployed, you see the following:
    Checking for issFipsd: unused
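
The distinction above, between the sshd log line and the issFIPS service status, as an added example that is not part of the original IBM document. The `host|line` record format, the host names, and the verdict labels are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example (not IBM code). The "host|line" evidence format and the
# host names below are assumptions made for this illustration.

# Run on an appliance as root: prefix each status line with the host name.
collect_local() {
    service issFIPS status 2>&1 | sed "s/^/$(hostname)|/"
}

# Constructed sample: lines gathered from three hypothetical appliances.
sample_evidence() {
    cat <<'EOF'
gx-a|sshd[19684]: FIPS mode enabled
gx-a|Checking for issFipsd: running
gx-b|sshd[2211]: FIPS mode enabled
gx-b|Checking for issFipsd: unused
gx-c|sshd[873]: FIPS mode enabled
EOF
}

# Read "host|line" records on stdin, print "host verdict" sorted by host.
# Only the issFIPS service status decides; the sshd message is logged
# either way, so on its own it yields "inconclusive".
audit_fips() {
    awk -F'|' '
        NF < 2 { next }
        !($1 in verdict) { verdict[$1] = "unknown" }
        $2 ~ /Checking for issFipsd: running/ { verdict[$1] = "deployed"; next }
        $2 ~ /Checking for issFipsd: unused/  { verdict[$1] = "not-deployed"; next }
        $2 ~ /FIPS mode enabled/ && verdict[$1] == "unknown" {
            verdict[$1] = "inconclusive"
        }
        END { for (h in verdict) print h, verdict[h] }
    ' | sort
}

# Demo on the constructed sample when invoked with --demo.
if [ "${1:-}" = "--demo" ]; then
    sample_evidence | audit_fips
fi
```

A host that reports only the sshd line comes back as inconclusive and still needs the `service issFIPS status` check.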


From LMI (web interface)
  1. Log in to the LMI web interface.
  2. Find the System summary on the left side of the Appliance Dashboard.
  3. If FIPS is enabled, there is a Fips Mode entry at the bottom showing Enabled as seen in the screen capture below:

    If FIPS is not enabled, the Fips Mode line does not show up as seen in the following screen capture:

Product: Proventia Network Intrusion Prevention System
Component: Services
Platform: Platform Independent
Version: 4.6.1; 4.6.2
Business Unit: IBM Software w/o TPS
Line of Business: Security Software

Document Information

Modified date:
26 January 2021

UID

swg21962513