Black Box LES1216A-R2 Manuale Utente
Click Apply to run the systemsettings configurator
The Commit Config button will no longer be displayed in the top right-hand corner of the screen and
configurations will no longer be queued.
11.6 FIPS Mode
The Advanced Console Servers (LES1208A-R2, LES1216A-R2, LES1232A, LES1248A-R2) all use an
embedded cryptographic module that has been validated to meet the FIPS 140-2 standards.
Note
The US National Institute of Standards and Technology (NIST) publishes the FIPS (Federal
Information Processing Standard) series of standards. FIPS 140-1 and FIPS 140-2 are both
technical standards and worldwide de-facto standards for the implementation of cryptographic
modules. These standards and guidelines are issued by NIST for use government-wide. NIST
develops FIPS when there are compelling Federal government requirements such as for security
and interoperability and there are no acceptable industry standards or solutions.
Advanced Console Servers (LES1408A, LES1416A, LES1432A, LES1448A, LES1308A,
LES1316A, LES1332A, LES1348A, LES1208A-R2, LES1216A-R2, LES1232A, LES1248A-R2)
use an embedded OpenSSL cryptographic module that has been validated to meet the FIPS 140-
2 standards and has received Certificate #1051
technical standards and worldwide de-facto standards for the implementation of cryptographic
modules. These standards and guidelines are issued by NIST for use government-wide. NIST
develops FIPS when there are compelling Federal government requirements such as for security
and interoperability and there are no acceptable industry standards or solutions.
Advanced Console Servers (LES1408A, LES1416A, LES1432A, LES1448A, LES1308A,
LES1316A, LES1332A, LES1348A, LES1208A-R2, LES1216A-R2, LES1232A, LES1248A-R2)
use an embedded OpenSSL cryptographic module that has been validated to meet the FIPS 140-
2 standards and has received Certificate #1051
When configured in FIPs mode all SSH, HTTPS and SDT Connector access to all services on the advanced
console servers will use the embedded FIPS compliant cryptographic module. To connect you must also
be using cryptographic algorithms that are FIPs approved in your browser or client or the connection will
fail.
Select the System: Administration menu option
Check FIPS Mode to enable FIPS mode on boot, and check Reboot to safely reboot the console
server
Click Apply and the console server will now reboot. It will take several minutes to reconnect as
secure communications with your browser are validated, and when reconnected it will display
“FIPs mode: Enabled” in the banner
Not
To enable FIPS mode from the command line, login and run these commands:
config -s config.system.fips=on
touch /etc/config/FIPS
chmod 444 /etc/config/FIPS
flatfsd -b
touch /etc/config/FIPS
chmod 444 /etc/config/FIPS
flatfsd -b
The final command saves to flash and reboots the unit. The unit will take a few minutes
to boot into FIPS mode. To disable FIPS mode:
to boot into FIPS mode. To disable FIPS mode:
config -d config.system.fips
rm /etc/config/FIPS
flatfsd –b
rm /etc/config/FIPS
flatfsd –b
_____________________________________________________________________
724-746-5500 | blackbox.com
Page 202