search cancel

Encryption Management Server Client log shows FIPS integrity checks disabled

book

Article ID: 198734

calendar_today

Updated On:

Products

Encryption Desktop Powered by PGP Technology Encryption Management Server Powered by PGP Technology Encryption Management Server

Issue/Introduction

In the Encryption Management Server administration console under Reporting / Logs / Client log you see this entry:

FIPS integrity checks disabled

Environment

  • Symantec Encryption Desktop 10.4 and above.
  • Symantec Encryption Management Server 3.4 and above.

Cause

FIPS 140-2 operational and integrity checks are disabled in the Encryption Desktop client policy.

Resolution

Providing the clients are running Encryption Desktop 10.4 and above, this log entry can be ignored because FIPS 140-2 operational and integrity checks are always enabled, whether or not they are enabled in policy. If you enable FIPS 140-2 operational and integrity checks in policy, the only change that occurs is that the log entry does not appear. See article 163582 on how to enable the FIPS 140-2 operational and integrity checks in policy.

In Encryption Desktop releases prior to 10.4, FIPS 140-2 operational and integrity checks did need to be explicitly enabled in policy. Note, however, that Encryption Desktop releases prior to 10.4 are end of support life.