When upgrading to Symantec Endpoint Protection Manager 12.1.3 (RU3) with FIPS enabled, FIPSMode.vbs executes twice

book

Article ID: 158330

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

When you upgrade a FIPS-enabled Symantec Endpoint Protection Manager (SEPM) 12.1.1.1 (12.1 RU1 MP1) to Symantec Endpoint Protection Manager 12.1.3 (12.1 RU3), also with FIPS enabled, the logs indicate that FIPSMode.vbs executes twice.

 

The FIPSMode.log may display messages similar to the ones shown in the following log excerpt:

[DATE] 6:45:21 PM  ================ FIPSMode.vbs ver 12.1.3001.165 starting ================
[DATE] 6:45:21 PM  Specified FIPSMode action is INSTALL
[DATE] 6:45:21 PM  Determined FIPSMode action is ENABLE
..
..
..
..
[DATE] 6:45:22 PM  Found entry:   com.symantec.crypto.fips140mode=true
[DATE] 6:45:22 PM  Setting entry: com.symantec.crypto.fips140mode=true
[DATE] 6:45:22 PM  FIPSMode.vbs has completed successfully.
[DATE] 7:00:14 PM  ================ FIPSMode.vbs ver 12.1.3001.165 starting ================
[DATE] 7:00:14 PM  Specified FIPSMode action is ENABLE
..
..
..
..
[DATE] 7:00:15 PM  Found entry:   com.symantec.crypto.fips140mode=true
[DATE] 7:00:15 PM  Setting entry: com.symantec.crypto.fips140mode=true
[DATE] 7:00:15 PM  FIPSMode.vbs has completed successfully.

 

Cause

This behaviour is related to expected behavior of RSA Crypto-J version 6, used in Symantec Endpoint Protection 12.1.3.

 

Resolution

The duplicate execution of FIPSMode.vbs can be safely ignored.

 


Applies To

FIPS  is enabled.