Views:

Recommendation

  1. Disable FIPS mode for a Windows agent

    1. In the Windows system root folder (for example, C:\Windows), look for a file named ds_agent.ini. Open the file in a text editor or create a new file if you don't have one already.

    2. Add this line to the file:

      FIPSMode=0

    3. Restart the Deep Security Agent service.

  2. Disable FIPS mode for a Linux agent

    1. In /etc/), look for a file named ds_agent.conf. Open the file in a text editor or create a new file if you don't have one already.

    2. Add this line to the file:

      FIPSMode=0

    3. Restart the Deep Security Agent:

      Using a SysV init script: /etc/init.d/ds_agent restart

      Using a systemd command: systemctl restart ds_agent

  3. Confirm that the FIPS Mode is disabled on the agent.
          1. From the cmd or terminal, change directory to the Deep Security Agent install directory and run "dsa_query -c GetAgentStatus"
          2. from the result, it should show "FIPSMode: 0"

     
    If the user needs to use the FIPS mode, please turn on both side which are DSM and DSA FIPS mode.
     

    https://help.deepsecurity.trendmicro.com/20_0/on-premise/fips-140-2.html?Highlight=FIPS%20140-2%20compliant#Enable2

Keywords: Communication Problem, SSL Handshake, 605, 20.0.605