ONTAP Discussions

FIPS mode - any issues after enabling?

thomasb82
4,335 Views

Hi guys,

 

we have several clusters running 9.2 and I would like to enable FIPS mode for security reasons but wonder if that may cause any issues, for example with:

- SnapDrive, SnapManager, SnapCenter, Grafana, OnCommand Unified Manager etc.

 

 

Thanks for your feedback!

3 REPLIES 3

mbeattie
4,323 Views

Hi Thomas,

 

Yes i'm aware of one issue, after enabling FIPS mode, I believe it enables TLS 1.2 and prior versions are disabled. Therefore enabling FIPS can cause issues with scripts that use SSH and for Orchestration applications such as WFA due to the modification of the TLS version. There is a BURT raised for this issue (1091146).

 

/Matt

 

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

ronaldmajor
4,125 Views

I had issues with PuTTY, but upgrading to Putty 0.70 resolved it.

 

Invoke-NcSsh in PowerShell toolkit 4.4 also does not work. I don't know if the problem is in the toolkit or deeper in Windows.

 

sinhaa
3,746 Views

@ronaldmajor

 

@mbeattie

 

Invoke-NcSsh fails. But you can workyourself around it by using the below.

 

http://community.netapp.com/t5/OnCommand-Storage-Management-Software-Discussions/WFA-job-failure/m-p/138201/highlight/true#M25117

 

Let me know it you need help on this.

 

sinhaa

If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.
Public