When FIPS 140-2 compliance is enabled in the Enterprise
Console, some functionality that is not FIPS 140-2 compliant will
not work as expected or will be disabled, including the Manual Explore
plugin. By default, the Enterprise Console is compliant with the NIST
800-131a transition mode. When you run AppScan® Server Configuration Wizard, it will
detect whether or not your environment is in NIST strict mode and
will respect those settings.
About this task
User role: Product Administrator
Procedure
- In the Enterprise Console, go to the General Settings page
of the Administration view, and click Edit in
the Enterprise Console Settings section.
- By default, the check box in the Enable enhanced security section
is cleared. Select the option if your organization must be compliant
with FIPS 140-2 or NIST SP 800-131a. When the option is selected,
use the Manual Explorer tool to manually explore your application
for additional URLs. See Manually exploring your site to add more URLs to the scan to
learn how to download and use the tool.
Note: Upon upgrade
from version 8.7, the check box keeps the value it had before upgrade.
If you were FIPS compliant, then this checkbox remains selected; otherwise,
it remains cleared.
- Click Done.
