Operating WhatsUp Gold in FIPS 140-2 Mode
There are several important things to take into consideration if you plan to operate WhatsUp Gold in FIPS 140-2 mode:
- When the FIPS 140-2 mode is selected (enabled), WhatsUp Gold prompts users for the web interface user credentials to log into the console application.
- If WhatsUp Gold is being installed on an operating system that is currently running in FIPS140-2 mode, WhatsUp Gold detects the FIPS compliant operating system and automatically places WhatsUp Gold in FIPS 140-2 mode upon initial installation and start-up.
However, if WhatsUp Gold is installed on an operating system that is not running in the FIPS compliant mode and the operating system has the FIPS compliant mode enabled after a WhatsUp Gold install occurs, then you must manually enable the option in the WhatsUp Gold console application Program Options General dialog.
- If you plan to use FIPS 140-2, we recommend that you use credentials and SSL certificates that use strong encryption.
- If you plan to use FIPS 140-2, make sure that devices with SSH-based monitoring are configured to use SSHv2.
- SNMPv3 credentials using MD5 and/or DES56 are prohibited; you are unable to enable FIPS if SNMPv3 credentials using MD5 and/or DES56 exist in the Credentials Library. You must modify or remove such credentials in order to enable FIPS.
The following may occur when you try to enable FIPS 140-2 mode in the Program Options dialog:
This option is disabled because the SNMPv3 credentials are not FIPS compliant. Go to the Credentials Library to edit or remove the SNMP credentials. After editing or removing credentials, you can enable this option in the Program Options dialog.
For more information about the FIPS 140-2 specification, see the U.S. Department of Commerce documentation.