Filter
Top Products
6: Basic Parameters
SLC™ 8000 Advanced Console Manager User Guide 74
DES-CBC3-SHA
SSL/secure certificates imported for use with the web server or LDAP authentication must use
either the SHA1 or SHA2 hash with a RSA public key of 1024, 2048 or 3072 bits.
When the SLC unit is running in FIPS mode, the following protocols/functions will not be
supported: NIS, Kerberos, RADIUS, TACACS+, Telnet/WebTelnet, WebSSH, IPSec/VPN, SSLv2,
SSH v1, FTP, PPP, CIFS/Samba, TCP (to Device Ports), unencrypted LDAP, and SNMP. If any of
these protocols/functions are enabled prior to enabling FIPS mode, they will be automatically
disabled.
LDAP authentication must be configured with the following:
StartTLS encryption (SSL encryption over port 636 is not supported)
A SSL/secure certificate
Either Bind with Login or a Bind Name and Password
Note: In FIPS mode, passphrases are not supported for SSH keys and SSL certificates.
Figure 6-6 Network > Security
To enable FIPS:
1. Check the Enable FIPS Mode check box on the Networks > Security page.
2. Click Apply. The SLC unit will need to be rebooted to initiate FIPS mode. Once the SLC
module is running in FIPS mode, the Security page, will display all processes that are running
in FIPS mode.
To disable FIPS:
1. Uncheck the Enable FIPS Mode check box on the Networks > Security page.
2. Click Apply. The SLC unit will need to be rebooted for this change to take effect.