End-of-Life (EoL)

Enable FIPS and Common Criteria Support

Use the following procedure to enable FIPS-CC mode on a software version that supports Common Criteria and the Federal Information Processing Standards 140-2 (FIPS 140-2). When you enable FIPS-CC mode, all FIPS and CC functionality is included.
When you enable FIPS-CC mode, the firewall will reset to the factory default settings; all configuration will be removed.
  1. Boot the firewall into maintenance mode as follows:
    1. Establish a serial connection to the console port on the firewall.
    2. Enter the following CLI command:
    debug system maintenance-mode
    1. Press Enter to continue.
    You can also reboot the firewall and enter
    at the maintenance mode prompt.
  2. Select
    Set FIPS-CC Mode
    from the menu.
  3. Select
    Enable FIPS-CC Mode
    from the menu.
  4. When prompted, select
    After successfully switching to FIPS-CC mode, the following status displays:
    FIPS-CC mode enabled successfully
    . In addition, the following changes will take place:
    • FIPS-CC
      will display at all times in the status bar at the bottom of the web interface.
    • The console port functions as a status output port only.
    • The default admin login credentials change to admin/paloalto.

Recommended For You