Running BMC Client Management in FIPS-compliant mode

The Federal Information Processing Standard (FIPS) Publication 140-2, is a computer security standard, developed by a U.S. Government and industry working group to validate the quality of cryptographic modules.

You can download FIPS Publication 140-2 from the  National Institute of Standards and Technology (NIST) web site.

When an administrator enables FIPS mode ensures that BMC Client Management uses only FIPS compliant cryptographic algorithms and FIPS compliant keys. FIPS mode requires that the BCM administrator provides the FIPS-compliant SSL keys.

When not running in FIPS mode, BMC Client Management still uses FIPS compliant cryptographic algorithms where possible.

Before you begin

Before enabling the FIPS mode, you must activate all configurations from Security Checklist (Java console Dashboard). For more information, see Reviewing BMC Client Management security.

To enable FIPS mode

1. Stop the Master server.
2. In the Security section of the BMC Software\BMC Software\Client Management\Master\config\mtxagent.ini file, add the following parameter:
   FipsMode=0.
3. Start the Master server.
4. On the BMC Client Management Home page, in the Security Checklist section, click Activate FIPS.