Skip to main content
NetApp Knowledge Base

What impact enabling FIPS has on a metrocluster environment

  1. Last updated
  2. Save as PDF
Views:
20
Visibility:
Public
Votes:
0
Category:
metrocluster
Specialty:
MetroCluster
Last Updated:

Applies to

  • ONTAP 9
  • MetroCluster
  • Federal Information Processing Standard (FIPS)

Answer

  • Enabling FIPS in a metrocluster environment has the same impact as enabling FIPS on a regular cluster
  • The only difference in metrocluster environment is that enabling FIPS should be done on both sides of the metrocluster
  • When enabling FIPS, ONTAP will prevent enabling less secure protocols, such as TLSv1, SSLv3 and http
  • The following aspects of SNMP are also non-compliant with FIPS:
    • SNMPv1 and SNMPv2c users
    • SNMPv3 users with:
    • Authentication protocol as MD5 or none
    • Encryption Protocol as DES or none
    • Both of the above
    • SNMPv1 traphost
    • SNMPv3 traphost (configured with an SNMPv3 user non-compliant to FIPS)

Additional Information

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.