fips
Use this command to set the Federal Information Processing Standards (FIPS) status. FIPS mode is an enhanced security option for some FortiAnalyzer models. Installation of FIPS firmware is required only if the unit was not ordered with this firmware pre-installed.
Syntax
config system fips
set status enable
set entropy-token {enable | disable | dynamic}
set re-seed-interval <integer>
end
Variable |
Description |
---|---|
status enable |
Enable the FIPS-CC mode of operation. Note: enable option is available only when the device is not in FIPS mode. |
entropy-token {enable | disable | dynamic} |
Configure support for the FortiTRNG entropy token when switching to FIPS mode:
|
re-seed-interval <integer> |
The amount of time between RNG reseeding, in minutes (0 - 1440, default = 1440). |