McDewey

• Strongswan - 5.9.10 • KFOM - linux_kfom_1_0_0 These versions are applicable for Release 15SU4. Important • CiscoSSL - 1.1.1zc.7.3.428 with FIPS Module CiscoSSL FOM 7.3a • CiscoSSH - 1.16.65 • BC FIPS - 2.0.0 • BCTLS FIPS - 2.0.19 • BCPKIX FIPS - 2.0.6 • Strongswan - 5.9.10 • KFOM - linux_kfom_1_0_0 For more information on the Unified Communications Manager upgrade, see the 'COP File Installation Guidelines' section in the Installation Guide for Cisco Unified Communications Manager and the IM and Presence Service. Note You can perform the following FIPS-related tasks: • Enable FIPS 140-2 mode • Disable FIPS 140-2 mode • Check the status of FIPS 140-2 mode • By default, your system is in the non-FIPS mode. You must enable it. • Ensure that the security password length is a minimum of 14 characters before you upgrade to FIPS, Common Criteria, or Enhanced Security mode on the cluster. Update the password even if the prior version was FIPS enabled. Note If you generate a Self-Signed Certificate or Certificate Signing Request (CSR) on FIPS mode, certificates must be encrypted using the SHA256 hashing algorithm and can't select SHA1. Enable FIPS 140-2 Mode Consider the following before you enable FIPS 140-2 mode on Unified Communications Manager: • When you switch from non-FIPS to FIPS mode, the MD5 and DES protocols aren't functional. Security Guide for Cisco Unified Communications Manager, Release 15 and SUs 243 Advanced System Security Enable FIPS 140-2 Mode