fips
Use this command to enable Federal Information Processing Standards-Common Criteria (FIPS-CC) mode.
This enhanced security mode is required by some organizations, but may not be appropriate for others. It is valid only if you have installed a FIPS-certified firmware build. For more information on FIPS, or to obtain a certified build, contact Fortinet Technical Support.
When switching to FIPS mode, you will be prompted to confirm, and must log in again.
To disable FIPS mode, restore the firmware default configuration using factoryreset.
Back up the configuration before enabling FIPS mode. When you enable or disable FIPS-CC mode, all of the existing configuration is lost. For more information on making a complete backup, see the FortiMail Administration Guide. |
Syntax
execute fips kat {3des | aes | configuration-test | integrity-test | rng | rsa | sha1-hmac | all}