Technical Library | Support

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Configuration Options > Security > FIPS Security
FIPS Security
Help | Content Gateway | Version 7.8.x
Configure > Security > FIPS
This option pertains to HTTPS traffic and the FIPS 140-2 cryptography standard.
By default, when handling HTTPS traffic, Content Gateway accepts connections from sites using SSLv3. SSLv3 is not FIPS 140-2 compliant.
When FIPS mode is enabled:
*
HTTPS connections use only TLSv1 or higher
*
HTTPS connections use FIPS 140-2 approved algorithms
*
Content Gateway generates SHA-256 certificates in response to origin server certificate requests
 
* 
Warning 
Once enabled, FIPS 140-2 mode cannot be disabled without reinstalling Content Gateway. If Content Gateway is on an appliance, the appliance must be reimaged.
 
* 
Important 
Due to a system limitation, FIPS 140-2 mode cannot be used with NTLM user authentication (IWA fallback to NTLM or Legacy NTLM).
For complete information, see FIPS 140-2 Mode.
 
Option
Description
FIPS Enable/Disable radio buttons
By default, Content Gateway is installed in non-FIPS 140-2 mode.
To switch to FIPS 140-2 mode, select the Enabled radio button, click Apply, and restart Content Gateway.
Warning: Once enabled, FIPS 140-2 mode cannot be disabled without reinstalling Content Gateway. For Websense appliance installations, reinstallation requires reimaging the system.

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Configuration Options > Security > FIPS Security
Copyright 2016 Forcepoint LLC. All rights reserved.