When the device is in Common Criteria Administrative mode, perform the following steps to place the device into Common Criteria Operational mode.
Procedure
Configure the local user accounts as secure and delete non-secure user accounts. A local user account is secure when it has a password with characters from three or more character classes. These character classes are uppercase, lowercase, numeric, and ASCII non-alphanumeric characters.
Configure secure logging by
setting up the encrypted Syslog server. For details, refer to Appendix C:
Configuring an external Syslog Server with TLS support.
Use the
enable aaa console command to ensure user authentication during the next reload. This also requires that you have enabled AAA authentication with the
aaa authentication login default command.
Use the aaa authentication login
privilege-mode command. It allows you to login directly to
privilege mode.
Use the
write memory command to save the configuration.
Reload the device.
What to do next
On successful completion of these steps, the device will be in Common Criteria Operational mode.
