configure security fips-mode

configure security fips-mode [on | off]

Description

This command enables you to toggle between the default OpenSSL library (FIPS compatible) and FIPS capable library.

Syntax Description

on Enables FIPS mode.
off Disable FIPS mode.

Default

Off.

Usage Guidelines

After enabling/disabling FIPS, EPM will be notified to change the bit dedicated to FIPS Mode. As per requirement, currently SSH and SNMP (Simple Network Management Protocol) will use this bit to toggle between normal and FIPS mode.

Example

show security fips-mode
FIPS Mode: Off

configure security fips-mode on
FIPS mode will be enabled only after rebooting the switch.
SNMPv3 users configured with either md5 authentication or DES encryption will be discarded after reboot.

show security fips-mode
FIPS Mode: On

History

This command was first available in ExtremeXOS 21.1.

Platform Availability

This command is available on the Summit X450-G2, X460-G2, X670-G2, X770, and ExtremeSwitching X440-G2, X620, X690, X870 series switches.