Fips – HP Onboard Administrator User Manual

First Time Setup Wizard 56

FIPS

FIPS mode

•

FIPS mode OFF—Enables the use of non-FIPS-140-2-approved algorithms.

•

FIPS mode ON—Enforces the use of the Onboard Administrator in a FIPS 140-2-approved mode. This
FIPS mode includes the use of approved algorithms such as AES, 3DES, SHA and other security

restrictions.

•

FIPS mode DEBUG—Sets the Onboard Administrator to an environment similar to the FIPS mode ON,

but with the option of debug support from HP. The FIPS mode DEBUG has the functionalities of the FIPS
mode ON, but it is not considered FIPS-compliant because of the debug option.

The Onboard Administrator restarts after all changes are made.

IMPORTANT:

All existing settings are lost when you run this operation. Any change to the FIPS

mode setting performs a Restore to Factory Default operation.

FIPS Strong Password Enforcement
If the change is to the FIPS mode ON or FIPS mode DEBUG, strong passwords are enabled, minimum
password length is set to eight characters, and a new Administrator account password is requested.

Additionally, the Enclosure IP Mode, Telnet, SNMPv1, and SNMPv2 protocols are disabled and SNMPv3 is

available.
To save the settings, click Next. In case of linked enclosures, only the primary enclosure is affected. To
advance to the next step without applying the FIPS settings, click Skip.

NOTE:

Entering and exiting FIPS mode performs a factory restore operation and locks the Insight

Display (LCD). If the Onboard Administrator was previously configured with a static IP address, it

defaults to a DHCP address until reconfigured with a static IP address. Recovery requires access
to the Onboard Administrator serial console to perform the SHOW OA NETWORK command to

discover the new Onboard Administrator IP address.