FIPS Mode Requirements
FIPS mode initiates a set of interoperability and cybersecurity configuration changes designed to bring your CMX systems into compliance with the the Federal Information Processing Standard 140-2 (FIPS).
Authentication Requirements
-
CMX sessions time out after no more than 30 minutes.
-
Imported controllers in FIPS mode must be updated to Secure Socket Shell (SSH) authentication, to enable their Network Mobility Services Protocol (NMSP) connection.
Log in Requirements
There are no additional log in requirements for FIPS.
Password Requirements
-
Password length: 8-20 characters.
-
Minimum: one lowercase (a-z), one uppercase (A-Z), one digit (0-9), one special character (!@&-).
Protocol Requirements
-
Transport Layer Security (TLS) 1.1 or higher.
-
Internet protocol security (IPsec) for User Datagram Protocol (UDP) connection.
-
Advanced Encryption Standard (AES) 256.
-
Secure Hash Algorithm (SHA) 1 or higher.
-
One of the following:
-
Rivest, Shamir, and Adelman (RSA) 2048 or higher.
-
Elliptic Curve Digital Signature Algorithm (ECDSA) with a National Institute of Standards and Technology (NIST) curve of P-256 or higher.
-