Fips status server overview, Configuring the high security settings on an skm – HP Secure Key Manager User Manual

Page 160

Advertising
background image

1.

View the Security Protocols enabled on your Internet Browser. You must enable TLS 1.0 to access

the Management Console while FIPS-compliant.

2.

Log in to the Management Console as an administrator with SSL, Advanced Security, and KMS

Server access controls.

3.

Navigate to the High Security Configuration page (Security > High Security).

4.

Confirm that the Is FIPS Compliant value is “No” in the FIPS Compliance section.

NOTE:

If the Is FIPS Compliant value is “Yes,” the device is currently FIPS-compliant and settings

should not be modified.

5.

Click Set FIPS Compliant in the FIPS Compliance section.

6.

Review the settings in the High Security Settings and Security Settings Configured Elsewhere sections

to confirm all settings have been adjusted for FIPS compliance.

Configuring the High Security Settings on an SKM

IMPORTANT:

When you enable FIPS compliance on the SKM, the functionality displayed here is disabled. Modifying

any

of the items in the High Security Settings section immediately takes the device out of FIPS compliance.

This section should be used to

review

the key and device security functionality that has been disabled for

full FIPS compliance. When the device is FIPS-compliant, you should not alter these settings.

To configure the High Security settings on a non-FIPS-compliant SKM:

1.

Log in to the Management Console as an administrator with SSL, Advanced Security, and KMS

Server access controls.

2.

Navigate to the High Security Configuration page (Security > High Security).

3.

Alter the fields in the High Security Settings section as needed.

4.

Navigate to the Security Settings Configured Elsewhere section (located below High Security

Settings).

5.

Review the settings in this section. To alter these settings, click the fields to access the appropriate

sections.

FIPS Status Server overview

The FIPS Status Server is an http server that provides system status, in the form of the FIPS Status report,

whenever the device is running. The report indicates:

the latest results of all system self-tests

the device state (either error or normal)

the status of FIPS compliance (either yes or no)

The device performs the following tests:

160

Using the Management Console

Advertising
Popular Brands
Popular manuals