Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Understanding Remote Access for Junos OS in FIPS Mode

 

When the NFX250 device is in Junos OS in FIPS mode, only SSH is available as a remote access service. To secure the information sent on administrative connections, use SSHv2 for CLI configuration. For SSH configuration information, see the Junos OS System Basics Configuration Guide.

Best Practice

For FIPS compliance, configure the NFX250 device over SSH connections because they are encrypted connections.

The Ethernet management (MGMT) port on the NFX250 device is enabled by default.

In Junos OS in FIPS mode, all critical security parameters (CSPs) must enter and leave the cryptographic module in encrypted form. Any CSP encrypted with a non-approved algorithm is considered plain text by FIPS. However, as the Crypto Officer, you can enter user authentication data in plain text.