McDewey

C H A P T E R 21 FIPS Mode Setup • FIPS Setup, on page 241 • Enhanced Security Mode, on page 250 • Common Criteria Mode, on page 252 FIPS Setup FIPS mode is only supported on releases that have been through FIPS compliance. Be warned that FIPS mode should be disabled before you upgrade to a non-FIPS compliance version of Unified Communications Manager. For information about which releases are FIPS compliant and to view their certifications, see the FIPS 140 document at https://www.cisco.com/c/en/us/solutions/industries/government/global-government-certifications/ fips-140.html. Caution From Release 15SU3 onwards, Unified Communications Manager and IM and Presence Service are FIPS 140-3 compliant. There are no changes to the configuration procedures for enabling or disabling FIPS. Important FIPS, or Federal Information Processing Standard, is a U.S. and Canadian government certification standard. It defines requirements that cryptographic modules must follow. Certain versions of Unified Communications Manager are FIPS 140-2 compliant, in accordance with the U.S. National Institute of Standards (NIST). They can operate in FIPS mode, level 1 compliance. Unified Communications Manager • Reboots • Runs certification self-tests at startup • Performs the cryptographic modules integrity check • Regenerates the keying materials When you enable FIPS 140-2 mode. At this point, Unified Communications Manager operates in the FIPS 140-2 mode. Security Guide for Cisco Unified Communications Manager, Release 15 and SUs 241