util ccmode

util ccmode(1)					  BIG-IP TMSH Manual				       util ccmode(1)

NAME
       ccmode - Set Common Criteria mode and a subset of configuration defaults required for a
       Common-Criteria-compliant BIGIP system.

MODULE
       util

SYNTAX
	 ccmode

DESCRIPTION
       Use this command to set a subset of defaults that are required for a Common-Criteria-compliant system.

       Run this command ONLY if you are creating a Common-Criteria-compliant BIG-IP system, or have otherwise
       determined that all of the changes are desirable for your BIG-IP configuration. Note that there are runtime
       changes triggered by this command.

       Running the ccmode command is an essential part of the configuration changes required to configure a BIG-IP
       system as Common-Criteria-compliant. This command changes the base configuration in several ways, including:

       ·   Defining the minimum required password policy.

       ·   Defining the allowed cipher sets for SSL/TLS.

       ·   Disabling some features excluded from the evaluation and therefore not permitted to be used in a compliant
	   system.

       ·   Setting several DB variables, including the Security.CommonCriteria variable, an indicator from which
	   other runtime changes are triggered.

       While running this script is essential to creating a Common-Criteria-compliant system, it is not sufficient.
       Customers wishing to configure compliant systems must consult the configuration Guidance documentation
       provided when the evaluation is complete, and follow its instructions to completely configure the BIG-IP.

       This command has no facility for "undoing" the changes it makes. Instead, the administrator must reverse or
       revise all of the individual commands, reset the DB variables to their defaults, save the new configuration,
       and restart the BIG-IP.

COPYRIGHT
       No part of this program may be reproduced or transmitted in any form or by any means, electronic or
       mechanical, including photocopying, recording, or information storage and retrieval systems, for any purpose
       other than the purchaser's personal use, without the express written permission of F5 Networks, Inc.

       F5 Networks and BIG-IP (c) Copyright 1996-2015. All rights reserved.

BIG-IP						      2017-07-13				       util ccmode(1)