7 Replies Latest reply on Apr 12, 2017 12:56 PM by jvdavis456

    FIPS mode after install

    jvdavis456

      Is there a way to enable FIPS mode after install in NSM 8.3.7.7 and NSP 8.3.3.4?

       

      I checked the install guide, admin guides and CLI guide and found nothing. I even went back to the 8.2 version of the manuals and could find no mention of FIPS mode.

        • 1. Re: FIPS mode after install
          peter.mason

          Hi jvdavis456,

           

          @ mentioned that they had configured FIPS mode on 8.1 as per the DoD deployment guide for 8.1.19.x.

           

          Using CAC Authentication for NSM 8.1.19.15

           

          This is probably something you will need to request details from support on.

           

          Peter

          • 2. Re: FIPS mode after install
            peter.mason

            Hi Jvdavis456,

             

            Don't know if you found the answer to this yet.

             

            Looking at Security Bulletins ID: SB10160 on the support site, it mentions an 8.1.x non-FIPS image and an 8.1.x FIPS image, so it seems you would need a specific FIPS-enabled software version for your managers and sensors to enable this option.

             

            Regards

             

            Peter

            • 3. Re: FIPS mode after install
              jvdavis456

              Thanks Peter. I assumed it was something like that. The Support agents need to understand this as they tend to push customers to upgrade to fix errors but both parties are forgetting about FIPS.

              • 4. Re: FIPS mode after install
                jvdavis456

                Just to confirm...there is a separate FIPS compliant version of NSM software. Additionally, there are also FIPS compliant versions of the sensor software that need to be installed. They are not easy to find on the download page...they are labeled something to the effect of "certified". As of last month when I did the install, the highest available version was 8.2.x.

                • 5. Re: FIPS mode after install
                  peter.mason

                  Hi jvdavis,

                   

                  Yes, they are available in the Downloads section of support.mcafee.com and labeled as 'Network Security Platform Certification 8.1', the exe is labeled as 'FIPS NSM Build'. I couldn't find any links to them on the menshen1 site.

                   

                   

                  I don't see any version 8.2 sensor software for FIPS versions. The 8.2 software went end of life in March. Also, according to the product documentation, you cannot run a higher sensor software version than you have on your manager, so if you are running an 8.1 manager you should be running your sensors on 8.1 or lower.

                   

                  Peter

                  • 6. Re: FIPS mode after install
                    mjesmer

                    There is no switching between FIPS and non-FIPS. Likewise, you cannot "upgrade to FIPS" from a non-FIPS build - it has to be a fresh install.

                    • 7. Re: FIPS mode after install
                      jvdavis456

                      mjesmer You are correct...I wasn't suggesting that. In the scenario that raised my initial question the user performed the installation, independently from Professional Services, following all the guides which do not make anyone stop to ensure they are using the FIPS version of software if required. OOB devices tend to have non-FIPS 8.2.x (seems to vary depending on how long the device was in the warehouse). In this case they ran into issues and, under direction from support techs, ended up upgrading their NSP environment to 8.3.? to correct the issues. That is the context in which I was using the term upgrade.

                       

                      peter.mason Yes, 8.1. Sorry for the typo.