Skip to main content

FIPS mode and TLS and SSL management

Contributors netapp-dbagwell netapp-aherbin
PDFs

The FIPS 140-2 standard specifies security requirements for cryptographic modules within security systems that protect sensitive information in computer and telecommunication systems. The FIPS 140-2 standard applies specifically to the cryptographic module, rather than the product, architecture, data, or ecosystem. The cryptographic module is the specific component (hardware, software, firmware, or a combination of the three) that implements NIST-approved security functions.

Enabling FIPS 140-2 compliance has effects on other systems and communications internal and external to ONTAP 9. NetApp highly recommends testing these settings on a nonproduction system that has console access.

Beginning with ONTAP 9.11.1 and TLS 1.3 support, you can validate FIPS 140-3.

Note The FIPS configuration applies to ONTAP and the platform BMC.

NetApp ONTAP's FIPS-mode configuration

NetApp ONTAP has a FIPS-mode configuration that instantiates an added level of security to the control plane:

  • Beginning in ONTAP 9.11.1 when FIPS 140-2 compliance mode is enabled, TLSv1, TLSv1.1 and SSLv3 are disabled, and only TSLv1.2 and TSLv1.3 remain enabled. It affects other systems and communications that are internal and external to ONTAP 9. If you enable FIPS 140-2 compliance mode and then subsequently disable, TLSv1, TLSv1.1, and SSLv3 remain disabled. Either TLSv1.2 or TLSv1.3 will remain enabled depending on the previous configuration.

  • For versions of ONTAP prior to 9.11.1 when FIPS 140-2 compliance mode is enabled, both TLSv1 and SSLv3 are disabled and only TLSv1.1 and TLSv1.2 remain enabled. ONTAP prevents you from enabling both TLSv1 and SSLv3 when FIPS 140-2 compliance mode is enabled. If you enable FIPS 140-2 compliance mode and then subsequently disable it, TLSv1 and SSLv3 remain disabled, but either TLSv1.2 or both TLSv1.1 and TLSv1.2 are enabled depending on the previous configuration.

  • NetApp Cryptographic Security Module (NCSM), which is FIPS 140-2 level 1 validated, provides software-based compliance.

Note NIST has submitted a FIPS-140-3 standard, and NCSM will have FIPS-140-2 and FIPS-140-3 validations. All FIPS 140-2 validations will move to historical status on September 21, 2026, which is five years after the last day for new certificate submissions.

Enable FIPS-140-2 and FIPS-140-3 compliance mode

Beginning with ONTAP 9, you can enable the FIPS-140-2 and FIPS-140-3 compliance mode for cluster-wide control plane interfaces.

FIPS enablement and protocols

The security config modify command allows you to modify the existing cluster-wide security configuration. If you enable FIPS-compliant mode, the cluster automatically selects only TLS protocols.

  • Use the -supported-protocols parameter to include or exclude TLS protocols independently from FIPS mode. By default, FIPS mode is disabled, and ONTAP supports the TLSv1.2, TLSv1.1, and TLSv1 protocols.

  • For backward compatibility, ONTAP supports adding SSLv3 to the supported-protocols list when FIPS mode is disabled.

FIPS enablement and ciphers

  • Use the -supported-cipher-suites parameter to configure only the Advanced Encryption Standard (AES) or AES and 3DES.

  • You can disable weak ciphers such as RC4 by specifying !RC4. By default, the supported cipher setting is ALL:!LOW:!aNULL:!EXP:!eNULL. This setting means that all supported cipher suites for the protocols are enabled, except for the ones using 64-bit or 56-bit encryption algorithms with no authentication, no encryption, no exports, and low-encryption cipher suites.

  • Select a cipher suite that is available with the corresponding selected protocol. An invalid configuration might cause some functionality to fail to operate properly.

  • For the correct cipher string syntax, see the ciphers page on OpenSSL (published by the OpenSSL software foundation). Beginning with ONTAP 9.9.1 and later releases, you are no longer required to reboot all the nodes manually after modifying the security configuration.

SSH and TLS security hardening

SSH administration of ONTAP 9 requires an OpenSSH client 5.7 or later. SSH clients must negotiate with the Elliptic Curve Digital Signature Algorithm (ECDSA) public key algorithm for the connection to be successful.

To harden TLS security, enable only TLS 1.2 and use cipher suites capable of Perfect Forward Secrecy (PFS). PFS is a method of key exchange that, when used in combination with encryption protocols like TLS 1.2, helps prevent an attacker from decrypting all network sessions between a client and server.

Enable TLSv1.2 and PFS-capable cipher suites

To enable only TLS 1.2 and PFS-capable cipher suites, use the security config modify command from the advanced privilege level.

Note Before changing the SSL interface configuration, ensure that the client supports the ciphers DHE and ECDHE when connecting to ONTAP to maintain connectivity with ONTAP.
Example
cluster1::*> security config modify -interface SSL -supported-protocols TLSv1.2 -supported-cipher-suites PSK:DHE:ECDHE:!LOW:!aNULL:!EXP:!eNULL:!3DES:!kDH:!kECDH

Confirm y for each prompt. For more information on PFS, see this NetApp blog.

Related information

Federal Information Processing Standard (FIPS) Publication 140