util ccmodeΒΆ

util ccmode(1)		      BIG-IP TMSH Manual		util ccmode(1)



NAME
       ccmode - Set Common Criteria mode and a subset of configuration
       defaults required for a Common-Criteria-compliant BIGIP system.

MODULE
       util

SYNTAX
	 ccmode

DESCRIPTION
       Use this command to set a subset of defaults that are required for a
       Common-Criteria-compliant system.

       Run this command ONLY if you are creating a Common-Criteria-compliant
       BIG-IP system, or have otherwise determined that all of the changes are
       desirable for your BIG-IP configuration. Note that there are runtime
       changes triggered by this command.

       Running the ccmode command is an essential part of the configuration
       changes required to configure a BIG-IP system as Common-Criteria-
       compliant. This command changes the base configuration in several ways,
       including:

       o   Defining the minimum required password policy.

       o   Defining the allowed cipher sets for SSL/TLS.

       o   Disabling some features excluded from the evaluation and therefore
	   not permitted to be used in a compliant system.

       o   Setting several DB variables, including the Security.CommonCriteria
	   variable, an indicator from which other runtime changes are
	   triggered.

       While running this script is essential to creating a Common-Criteria-
       compliant system, it is not sufficient. Customers wishing to configure
       compliant systems must consult the configuration Guidance documentation
       provided when the evaluation is complete, and follow its instructions
       to completely configure the BIG-IP.

       This command has no facility for "undoing" the changes it makes.
       Instead, the administrator must reverse or revise all of the individual
       commands, reset the DB variables to their defaults, save the new
       configuration, and restart the BIG-IP.

COPYRIGHT
       No part of this program may be reproduced or transmitted in any form or
       by any means, electronic or mechanical, including photocopying,
       recording, or information storage and retrieval systems, for any
       purpose other than the purchaser's personal use, without the express
       written permission of F5 Networks, Inc.

       F5 Networks and BIG-IP (c) Copyright 1996-2015. All rights reserved.



BIG-IP				  2017-07-13			util ccmode(1)