跳转到主内容
NetApp Response to Russia-Ukraine Cyber Threat
In response to the recent rise in cyber threat due to the Russian-Ukraine crisis, NetApp is actively monitoring the global security intelligence and updating our cybersecurity measures. We follow U.S. Federal Government guidance and remain on high alert. Customers are encouraged to monitor the Cybersecurity and Infrastructure Security (CISA) website for new information as it develops and remain on high alert.

升级到ONTAP 9.11.1RC1会导致FIPS 140-2合规性管理配置未经过验证

Views:
Visibility:
Public
Votes:
0
Category:
ontap-9
Specialty:
core
Last Updated:

    

适用场景

  • ONTAP 9.11.1RC1
  • FIPS模式
  • FIPS 140-2
  • TLS
  • HTTPS
  • SSL

问题描述

  • 发布时、ONTAP 9.11.1RC1中的OpenSSL FIPS模块正在NIST的加密模块验证计划(CMVP)中等待FIPS 140-2验证。  
  • 如果您的环境需要经过FIPS 140-2验证的FIPS模块、则在验证过程完成之前、不建议使用ONTAP 9.11.1RC1。

 

在ONTAP 9.11.1RC1集群中、要确定是否已启用FIPS模式、请在高级特权级别运行此命令:

security config show

示例:

::> set -privilege advanced

::*> security config show
 
Cluster    Supported
FIPS Mode  Protocols Supported Cipher Suites
---------- --------- ----------------------------------------------------------
true       TLSv1.3,  TLS_RSA_WITH_AES_128_CCM, TLS_RSA_WITH_AES_128_CCM_8,

  • 如果 集群FIPS模式为true、则适用本文所述的FIPS 140-2验证问题描述。
  • 如果 集群FIPS模式为false、则本文中所述的FIPS 140-2验证问题描述不适用

 

Scan to view the article on your device
CUSTOMER EXCLUSIVE CONTENT

Registered NetApp customers get unlimited access to our dynamic Knowledge Base.

New authoritative content is published and updated each day by our team of experts.

Current Customer or Partner?

Sign In for unlimited access

New to NetApp?

Learn more about our award-winning Support