CTMFIPS
|
FIPS mode for Control-M. When activated, all Control-M cryptographic functions will be compliant with the FIPS 140-2 security standard.
Currently, the following functions can work in FIPS mode:
- Control-M for z/OS communications, via IOAGATE, with the Control-M/Enterprise Manager (EM), when using SSL
- Control-M for z/OS communications, via IOAGATE, with the Control-M Configuration Manager (CCM), when using SSL
Valid values are:
- NO – FIPS compliance is not required.
- YES – FIPS compliance is required. Any relevant process that cannot work in FIPS-compliant mode will be terminated.
- TRY - Attempt to work in FIPS-compliant mode. Any relevant process that cannot work in FIPS-compliant mode will issue a warning message, but will continue in non-FIPS mode.
This parameter can be set using either:
- ICE
- A request from CCM to work in FIPS mode
When CCM requests Control-M for z/OS to work in FIPS mode, CTMFIPS is automatically set to TRY, pending a restart of IOAGATE. After the restart, CTMFIPS is automatically set to YES, if FIPS mode has succeeded, or NO, if it has not, and the results are reported back to CCM.
|
CTDFIPS
|
FIPS mode for Control-D. When activated, all Control-D cryptographic functions will be compliant with the FIPS 140-2 security standard.
Currently, the following functions can work in FIPS mode:
- Control-D communications with Control-D /WebAccess via IOAGATE when using SSL. DES/TDES data encryption is disabled (regardless of SSL usage).
- Control-D communications with Session Manager (FTO) for receiving files via IOAGATE when using SSL
- CDAM encryption
Valid values are:
- NO – FIPS compliance is not required.
- YES – FIPS compliance is required. Any relevant process that cannot work in FIPS-compliant mode will be terminated.
- TRY - Attempt to work in FIPS-compliant mode. Any relevant process that cannot work in FIPS-compliant mode will issue a warning message, but will continue in non-FIPS mode.
This parameter can only be set using ICE.
|