The following table provides an overview of the tasks required to configure Sentinel for operation in FIPS 140-2 mode.
|
Tasks |
For more information, seeā¦ |
|---|---|
|
Plan the deployment. |
|
|
Determine whether you need to enable FIPS 140-2 mode during the Sentinel installation or you want to enable it in future. To enable Sentinel in FIPS 140-2 mode during the installation, you need to select the Custom or Silent installation method during the installation process. |
Section 11.2.2, Custom Installation. Section 11.3, Performing a Silent Installation Section 18.0, Enabling FIPS 140-2 Mode in an Existing Sentinel Installation |
|
Configure Sentinel Plug-ins to run in FIPS 140-2 Mode. |
Section 19.5, Configuring Sentinel Plug-Ins to Run in FIPS 140-2 Mode. |
|
Import certificates into the Sentinel FIPS Keystore. |
Section 19.6, Importing Certificates into FIPS Keystore Database |
NOTE:NetIQ highly recommends taking a backup of your Sentinel systems before beginning the conversion to FIPS mode. If for some reason the server must be reverted to non-FIPS mode, the only supported method for doing so involves restoring from a backup. For more information on reverting to non-FIPS mode, see Reverting Sentinel to Non-FIPS Mode.