Cisco CSS-11154-AC Configuration Guide - Page 151

Chapter 6 FIPS Operation Using FIPS Mode FIPS Mode acts as a filtering system, allowing only FIPS Level 2-compliant SSL objects to be used for data transfer. Entering FIPS Mode is a two-step process: starting the FIPS Mode process and rebooting the device in FIPS Mode. 1. Connect to the device using a serial management session and enter Privileged Mode. SCA> enable SCA# 2. Enable FIPS operation. SCA# fips enable 3. A caution is displayed. Read the text carefully before replying to it. Enabling FIPS mode will cause a restart of the device. Entering FIPS mode will also change the behavior of the device. Only FIPS-approved algorithms are supported. Only FIPS-compliant servers can be used. Management is available only via the serial console. Passwords must be at least eight characters long. Firmware signature verification is enabled. Some commands are not supported. Are you sure you want to do this? (y/n) [n] 4. The Secure Content Accelerator checks access- and enable-level passwords previously set, if any. The display reflects the state of current passwords: Note FIPS Mode passwords must be at least eight characters in length and are limited to a character set containing the alphabet, Arabic numerals, period (.), hyphen (-), underscore (_), and a. If no passwords had been set previously, this text is displayed: You need to provide an access-level password of at least 8 characters. Enter new password: Confirm password: You need to provide an enable-level password of at least 8 characters. Enter new password: Confirm new password: 78-13124-06 Cisco 11000 Series Secure Content Accelerator Configuration Guide 6-3