Cisco Cisco Email Security Appliance C160 Références techniques

- SETUP - Configure FIPS mode.

- FIPSCHECK - Check for FIPS mode compliance.

[]> setup

To finalize FIPS mode, the appliance will reboot immediately. No commit will be required.

Are you sure you want to disable FIPS mode and reboot now ? [N]> n

Do you want to enable encryption of sensitive data in configuration file when FIPS mode is 

enabled? Changing the value will result in system reboot [N]> y

Enter the number of seconds to wait before forcibly closing connections.

[30]>

System rebooting.  Please wait while the queue is being closed...

Closing CLI connection.

Rebooting the system...

The following example shows how to check if your appliance contains any non-FIPS-compliant objects.

mail.example.com> fipsconfig

FIPS mode is currently disabled.

Choose the operation you want to perform:

- SETUP - Configure FIPS mode.

- FIPSCHECK - Check for FIPS mode compliance.

[]> fipscheck

Currently, there are non-FIPS-compliant objects configured.

List of non FIPS compliant DKIM Verification Profiles:

               Profile Name             Key Size

-------------------------------------------------------------

 1.            DEFAULT                  512

To be FIPS compliant, you must modify the above listed objects to meet FIPS requirements. 

For more information, see the

FIPS Management chapter in the Cisco AsyncOS Email User Guide.

FIPS mode is currently disabled.

Before enabling FIPS mode, you must modify all the non-FIPS-compliant objects to meet the FIPS 
requirements.

The 

generalconfig

 command allows you to configure browser settings.