Installing Junos Software Packages (FIPS Mode)
SRX Series devices can provide the security defined by Federal Information Processing Standards (FIPS) 140-2 Level 2 if these devices are operated in the Junos OS in FIPS mode.
Junos OS is delivered in signed packages that contain digital signatures to ensure the Juniper Networks software is running. When installing the software packages, Junos OS validates the signatures and the public key certificates used to digitally sign the software packages. If the signature or certificate is found to be invalid (for example, when the certificate validity period has expired or cannot be verified against the root CA stored in the Junos OS internal store), the installation process fails.
To install these software packages, perform the following tasks:
- Download the Junos OS package and the Junos FIPS mode package from https://www.juniper.net/. See Downloading Software.
- Install the Junos OS on your device using a TFTP server, see Installing Junos OS on SRX Series Devices from the Boot Loader Using a TFTP Server or install Junos OS on your device using the following CLI command: request system software add /<image-path>/<junos package> no-copy no-validate reboot.