Carrier Access Broadmore 1750 User Manual
Page 285
Broadmore 1750 - Release 4.6
11-19
Security Management (FIPS Mode)
Enabling FIPS Mode
4. Reboot the Broadmore for the change to take effect by entering the following
commands at the Broadmore prompt:
cli
↵
maintain
↵
redundancy
↵
cpu
↵
rebootstandby
↵
releasecpu
↵
NOTE:
The above command sequence reboots the standby CPU (if any)
and then the online CPU. In a redundant system, both CPUs must be
rebooted into the FIPS mode. Rebooting the online CPU will terminate the
current management session. After reboot, the previous standby CPU will
normally become the online CPU. It may take several minutes for the ARP
tables in the network to refresh before you can log into the online CPU.
5. Verify that the Broadmore is in FIPS mode by logging in with an SSH terminal
emulator such as SecureCRT (see “Logging In” on page
). If you must use
Telnet, the Broadmore is not in FIPS mode.
6. Start up the CAMMI interface by entering the following command at the
Broadmore prompt:
cammi
↵
7. After logging in, also verify that the Broadmore is in FIPS mode by observing
that the CAMMI Help / About Security screen shows that FIPS mode is active
(see “Help About Security” on page
8. Select Administration / User ID Rules and set the username and password
minimum length values (see “User ID Rules” on page
NOTE:
The Broadmore will only enforce the minimum length values
when creating new user accounts. Old accounts are not affected. The
Superuser (Crypto Officer) must ensure that all user accounts meet FIPS
140-2 requirements.