Secure Mobile Access 12.4 CMS Administration Guide

CMS Configuration > Central FIPS Licensing
Table of Contents

Central FIPS Licensing

FIPS (Federal Information Processing Standard) 140-2 Level 2 is a validation standard for evaluating cryptographic modules, and includes stringent reviews of source code, algorithms, physical security, and operational testing on cryptographic security products. The United States Federal Government is required to purchase cryptographic products validated to the FIPS 140-2 standard. In the international marketplace, ISO19790 is being adopted as a standard and is a direct adaptation of FIPS 140-2.

The SonicWall SMA 8200v, 7200, 7210, and SMA 6200, 6210 appliances have FIPS 140-2 Level 2 certification from NIST (the National Institute of Standards and Technology, the United States FIPS 140-2 Cryptographic Module Validation Authority) and CSE (the Communications Security Establishment, the Canadian FIPS 140-2 Cryptographic Module Authority).

FIPS mode is transparent to end users. Internally, FIPS mode enforces secure communication and system integrity.

FIPS can be enabled on centrally managed appliances.

  • A central FIPS license allows all appliances managed by the CMS to be FIPS-enabled.
  • To be managed by the CMS, FIPS-enabled appliances are not required to be part of a GTO service.
  • A CMS license that includes FIPS must also include central user licenses. An appliance that is not centrally licensed, but has its own user license file, cannot be FIPS-enabled from a CMS-based license.

When the CMS central user license has FIPS, the administrator can enable FIPS individually for any managed appliance from its AMC. (See “Enabling FIPS” in the SMA 12.4 Administration Guide for more information.)

For more information about FIPS, see “FIPS Certification” in SMA 12.4 Administration Guide.

To enable Central FIPS Licensing

  1. Navigate to Management Server > Configure > General Settings.
  2. Under Licensing, click Edit.
  3. In the Online Licensing section, click Register.
  4. Log into your MySonicWall account with your username and password.
  5. Navigate to Product Management > My Products.
  6. Expand the line that contains your CMS license.
  7. On the Licenses page, in the Gateway Services section, verify that FIPS Support has an active license.