I have a customer right now with FBI/CJIS requirements stating appliances need to be run in FIPS-mode. Based on what I have documented in the lab, they are now going to have to bring in another vendor, probably Cisco because of its FIPS compliance. The main driver is what looks like the loss of IPSEC B2B and IPSEC remote access (IKE issues) with FIPS 'on'
I'm actually fine with making the changes to SSH and SSL manually...and am documenting that process on my own.
Is there an ETA on when the 'fips' command is going to be changed to allow SSH and the WebUI? Will IPSEC availability be addressed?