The HPE 3PAR OS must be configured to initialize its FIPS module to use mechanisms meeting the requirements of applicable federal laws, Executive orders, directives, policies, regulations, standards, and guidance for authentication to a cryptographic module.

An XCCDF Rule

Description

<VulnDiscussion>Unapproved mechanisms used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DOD data may be compromised.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>

ID: SV-255273r971535_rule
Severity: High
References: CCI-000803
Updated: 17 days ago

To initialize the FIPS module use:

cli% controlsecurity fips enable

Warning: Enabling FIPS mode requires restarting all system management interfaces, which will terminate ALL existing connections including this one.
When that happens, you must reconnect to continue.Continue enabling FIPS mode (yes/no)?
yes

After reconnecting, verify FIPS mode with:
cli% controlsecurity fips status

The HPE 3PAR OS must be configured to initialize its FIPS module to use mechanisms meeting the requirements of applicable federal laws, Executive orders, directives, policies, regulations, standards, and guidance for authentication to a cryptographic module.

Description

Remediation - Manual Procedure