ONTAP must be configured to implement cryptographic mechanisms using FIPS 140-2.
An XCCDF Rule
Description
<VulnDiscussion>Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DoD data may be compromised. Satisfies: SRG-APP-000412-NDM-000331, SRG-APP-000411-NDM-000330, SRG-APP-000179-NDM-000265</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-246958r961557_rule
- Severity
- High
- References
- Updated
Remediation - Manual Procedure
Configure ONTAP to use cryptographic mechanisms with "set -privilege advanced" reply "y" to continue and "security config modify -is-fips-enabled true -interface SSL".