Fips compliance, 93 viewing the fips compliance section, High security configuration page – HP Secure Key Manager User Manual

Clustering

Clustering FIPS-compliant devices with non-FIPS-compliant devices will disable FIPS for all devices in

the cluster.

Backups

FIPS and non-FIPS devices cannot share backups.

FIPS Self-Test

To run a FIPS self-test on the SKM, powercycle the device.

Software Patches and Upgrades

HP will indicate which software patches and upgrades are FIPS certified. Apply only FIPS certified

software to a FIPS-compliant device. Doing otherwise takes the device out of FIPS compliance.

Enabling and Disabling FIPS Compliance

According to FIPS requirements, you cannot enable or disable FIPS when there are keys on the SKM. You

must manually delete all keys before enabling and disabling FIPS compliance. Keys are zeroized upon

deletion. We strongly recommend that you back up your keys before deleting.

High Security Configuration page

The High Security Configuration page enables you to manage the high security settings for SKM. This

page contains the following sections:

• FIPS Compliance
• High Security Settings
• Security Settings Configured Elsewhere

FIPS Compliance

Use this section to determine if the SKM is FIPS-compliant and to enable FIPS compliance.

NOTE:

This section is only available on devices that are FIPS capable.

Figure 93 Viewing the FIPS Compliance section

The following table describes the components of the FIPS Compliance section.

156

Using the Management Console