Enabling FIPS 140-2/NIST 800-131a compliance in the Enterprise Console

When FIPS 140-2 compliance is enabled in the Enterprise Console, some functionality that is not FIPS 140-2 compliant will not work as expected or will be disabled. By default, the Enterprise Console is compliant with the NIST 800-131a transition mode. When you run AppScan® Server Configuration Wizard, it will detect whether or not your environment is in NIST strict mode and will respect those settings.

About this task

User role: Product Administrator

Procedure

  1. In the Enterprise Console, go to the General Settings page of the Administration view, and click Edit in the Enterprise Console Settings section.
  2. By default, the check box in the Enable enhanced security section is cleared. Select the option if your organization must be compliant with FIPS 140-2 or NIST SP 800-131a.
    Note: Upon upgrade from version 8.7, the check box keeps the value it had before upgrade. If you were FIPS compliant, then this checkbox remains selected; otherwise, it remains cleared.
  3. Click Done.