Dell Wyse ThinOS Version 9.1 Security Configuration Guide

ThinOS allows you to enable or disable the Federal Information Processing Standard (FIPS) Publication 140-2 Level 1 authentication compliance. It is based on OpenSSL (Open Secure Socket Layer). You can configure the option using System Tools on the ThinOS client, local Admin Policy Tool, or Wyse Management Suite.

When you enable FIPS on ThinOS, algorithms that are unapproved by FIPS are not allowed to be used in a wireless connection. If the selected method uses an unapproved algorithm, the wireless connection fails. Example—EAP-MD5, EAP-MSCHAPV2, EAP-FAST, EAP-LEAP methods use MD5 and MD4, which are unapproved by FIPS.

To enable FIPS using either Admin Policy Tool or Wyse Management Suite, do the following:

1. On the ThinOS client, open Admin Policy Tool, or go to the ThinOS 9.x policy settings on Wyse Management Suite.

   The Configuration Control | ThinOS page is displayed.

2. On the Advanced tab, expand Privacy & Security, and click Device Security.
3. Click the Enable FIPS toggle switch to enable the option.
4. Click Save & Publish.

To enable FIPS using System Tools, do the following:

1. Log in to the ThinOS client.
2. From the desktop menu, click System Tools.

   The System Tools dialog box is displayed.

3. Click the Certificates tab.
4. Click the Enable FIPS toggle switch to enable the Federal Information Processing Standard (FIPS) Publication 140-2 authentication compliance.
5. Click OK.