Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

FIPS 140-2 Security Compliance

 

For advanced network security, a special version of Junos OS, called Junos-FIPS 140-2, is available. Junos-FIPS 140-2 provides customers with software tools to configure a network of Juniper Networks devices in a FIPS environment. FIPS support includes:

  • Upgrade package to convert Junos OS to Junos-FIPS 140-2

  • Revised installation and configuration procedures

  • Enforced security for remote access

  • FIPS user roles (Crypto Officer, User, and Maintenance)

  • FIPS-specific system logging and error messages

  • IPsec configuration for Routing Engine–to–Routing Engine communication

  • Enhanced password creation and encryption

Starting in Junos OS Release 15.1, Junos-FIPS is packaged in a domestic image only: a single Junos OS image supports both domestic and FIPS features. Users that have the FIPS credentials and permission to login can flip between a regular Junos image and FIPS image.

Note

Junos-FIPS has special password requirements. FIPS passwords must be between 10 and 20 characters in length. Passwords must use at least three of the five defined character sets (uppercase letters, lowercase letters, digits, punctuation marks, and other special characters). If Junos-FIPS is installed on the device, you cannot configure passwords unless they meet this standard.