Enable FIPS Mode Using Group Policy
Use this procedure to require all connections to use FIPS (Federal Information Processing Standards) mode. When FIPS mode is enabled, all connections are made using security protocols and algorithms that meet FIPS 140-2 standards. In this mode, some standard connection options are not available. To successfully connect in FIPS mode, your server must support "high-encryption" capabilities.
FIPS mode allows the following security configurations:
This procedure requires that you first install the administrative template for EXTRA!. See Administer Features using Windows Group Policy.
To enable FIPS mode via Group Policy
Existing sessions that are configured for FIPS mode will continue to work as expected. Existing sessions that aren't configured for FIPS mode will fail to connect. (An error message will appear in the EXTRA! status log.) When these session files are modified, the connection editor will automatically switch the security type to FIPS mode.
Any new sessions that are created will be limited to connections that support FIPS mode.