Cisco Cisco Email Security Appliance C170 Referencia técnica
84
Cisco AsyncOS 9.1 for Email CLI Reference Guide
Chapter 3 The Commands: Reference Examples
General Management/Administration/Troubleshooting
Note
All users, including the administrators, cannot view the sensitive information in the
configuration files.
configuration files.
–
Swap space in your appliance is encrypted to prevent any unauthorized access or forensic
attacks, if the physical security of the appliance is compromised.
attacks, if the physical security of the appliance is compromised.
•
Check if your appliance contains any non-FIPS-compliant objects
Usage
Commit: This command does not require a ‘commit’.
Cluster Management: This command can be used in the following modes: cluster and machine.
Batch Command: This command does not support a batch format.
Example: Enabling FIPS Mode
Note
Before enabling FIPS mode, you must modify all the non-FIPS-compliant objects to meet the FIPS
requirements.
requirements.
The following example shows how to enable FIPS mode.
mail.example.com> fipsconfig
FIPS mode is currently disabled.
Choose the operation you want to perform:
- SETUP - Configure FIPS mode.
- FIPSCHECK - Check for FIPS mode compliance.
[]> setup
To finalize FIPS mode, the appliance will reboot immediately. No commit will be required.
Are you sure you want to enable FIPS mode and reboot now ? [N]> y
Do you want to enable encryption of sensitive data in configuration file when FIPS mode is
enabled? Changing the value will result in system reboot [N]> n
Enter the number of seconds to wait before forcibly closing connections.
[30]>
System rebooting. Please wait while the queue is being closed...
Closing CLI connection.
Rebooting the system...
Example: Encrypting Sensitive Data in a FIPS Compliant Appliance
The following example shows how to encrypt sensitive data in a FIPS compliant appliance.
mail.example.com> fipsconfig
FIPS mode is currently enabled.
Choose the operation you want to perform: