1. Oracle ILOM Security Guide For Firmware Release 5.1.x
  2. Oracle ILOM Deployment Practices for Increasing Security
  3. Choosing Whether to Configure FIPS Mode At Deployment
  4. Enable FIPS Mode at Deployment

Enable FIPS Mode at Deployment

Note:

FIPS compliance mode in Oracle ILOM is represented by State and Status properties. The State property represents the configured mode in Oracle ILOM and the Status property represents the operational mode in Oracle ILOM. When the FIPS State property is changed, the change does not affect the operational mode (FIPS Status property) until the next Oracle ILOM reboot.

Before You Begin

  • The FIPS State and Status properties are shipped disabled by default.
  • When FIPS is enabled (configured and operational) some features in Oracle ILOM are not supported. For a list of unsupported features when FIPS is enabled, see Unsupported Features in Oracle ILOM When FIPS Mode Is Enabled.
  • The Admin (a) role is required to modify the FIPS State property.
  • The configurable property for FIPS compliance is available in Oracle ILOM as of firmware 3.2.4 and later.
  • All user-defined configuration settings are reset to their factory defaults upon modifying the FIPS mode State and Status properties in Oracle ILOM.
  1. In the Oracle ILOM web interface click ILOM Administration -> Management Access -> FIPS.
  2. In the FIPS page, perform the following:
    1. Select the FIPS State check box to enable the configured FIPS property.
    2. Click Save to apply the change.
    For additional configuration details, click the More details... link on the FIPS web page.
  3. To change the FIPS operational mode status in Oracle ILOM, perform the following steps to reboot Oracle ILOM.
    1. In the web interface, click ILOM Administration > Maintenance > SP Reset.
    2. In the SP Reset page, click the SP Reset button.
    Upon rebooting Oracle ILOM, the following occurs:
    • The last configured FIPS State (enabled) is applied on the system.
    • Any user-defined configuration settings previously configured in Oracle ILOM are reset to their factory default values.
    • The FIPS Status property is updated to reflect the current enabled operational state in Oracle ILOM.

      For a complete list and description of the FIPS Status messages, click the More details... link on the FIPS page.

    • A FIPS shield icon appears in the masthead area of the web interface.
    • All non-supported FIPS features are either disabled or removed from the CLI and web interface.

      For a complete list and description of non-supported FIPS features, click the More details... link on the FIPS page.

Related Information