Security62 Xerox ® WorkCentre® 4265 Multifunction PrinterSystem Administrator GuideFIPS 140-2If FIPS 140-2 encryption is required, all computers, servers, browser software, security certificates, andapplications must comply with the standard or operate in FIPS-compliant mode. Transmitted and storeddata must be encrypted as specified in United States Federal Information Processing Standard (FIPS)140-2 (Level 1). You can enable the printer to check that the current configuration ensures the specifiedencryption.Enabling FIPS 140 Mode can prevent the printer from communicating with network devices thatcommunicate using protocols that do not use FIPS-compliant encryption algorithms. To allow non-FIPScompliant protocols or features when FIPS 140 mode is enabled, acknowledge the notification ofnon-compliance during the validation process.When non-FIPS compliant protocols are enabled after FIPS mode is enabled, a message appearsindicating the protocols use non-FIPS compliant encryption algorithms. Examples of non-FIPS compliantprotocols include SNMPv3 or NetWare.When you enable FIPS-140 mode, the printer validates the current configuration by performing thefollowing checks:• Validates certificates for features where the printer is the server in the client-server relationship. AnSSL certificate for HTTPS is an example.• Validates certificates for features where the printer is the client in the client-server relationship. CAcertificates for LDAP, Xerox Extensible Interface Platform, and Smart eSolutions are examples.• Validates certificates that are installed on the printer, but not used. Certificates for HTTPS, LDAP, orSNMPv3 are examples.• Checks features and protocols for non-compliant encryption algorithms. For example, NetWare andSNMPv3 use encryption algorithms that are not FIPS-compliant.When validation is complete, information and links appear in a table at the bottom of the page.• Click the appropriate link to disable a non-compliant feature, or protocol.• Click the appropriate link to replace any non-compliant certificates.• Click the appropriate link to acknowledge that you allow the printer to use non-compliant featuresand protocols.Enabling FIPS 140 Mode and Checking for Compliance1. In CentreWare Internet Services, click Properties > Security > Encryption.2. Click FIPS 140-2.3. To enable FIPS140 Validation Mode, select Enabled.4. Click Apply.5. If the configuration check passes, a Reboot Machine prompt appears. At the prompt, click OK.6. If the configuration check fails, to disable the protocol, click the appropriate link, replace thecertificate, or allow the printer to use the non-compliant protocol.