Installing the SMC in FIPS mode

If you do not have a pre-installed SMC Appliance, you must enable FIPS restrictions on the Management Server, the Log Server, and the Management Client when you install them.

For detailed installation instructions and information about hardware requirements for third-party hardware, see the Forcepoint FlexEdge Secure SD-WAN Installation Guide and the Forcepoint FlexEdge Secure SD-WAN Release Notes.

CAUTION:
In Linux, cryptographic modules use /dev/random as the source of randomness. Using /dev/random as the source of randomness can block installation, startup, or even execution. We recommend that you install and run an entropy daemon, such as jitterentropy-rngd or haveged.

You must complete the following main steps:

  1. Download the SMC software from https://⁠support.forcepoint.com, then check the file integrity.
  2. Obtain licenses for all the SMC servers and the Secure SD-WAN Engine in the License Center at https://⁠stonesoftlicenses.forcepoint.com.

    Generate the licenses based on your Management Server proof-of-license (POL) code.

  3. Install the Management Server, the Log Server, and the Management Client.

    Enable FIPS restrictions during the installation.

  4. Start the Management Client.
  5. Install the licenses for the Management Server and Log Server.