Security Certifications Compliance Modes
Your organization might be required to use only equipment and software complying with security standards established by the U.S. Department of Defense and global certification organizations. The Firepower System supports compliance with the following security certifications standards:
Common Criteria (CC): a global standard established by the international Common Criteria Recognition Arrangement, defining properties for security products
Unified Capabilities Approved Products List (UCAPL): a list of products meeting security requirements established by the U.S. Defense Information Systems Agency (DISA)
The U.S. Government has changed the name of the Unified Capabilities Approved Products List (UCAPL) to the Department of Defense Information Network Approved Products List (DODIN APL). References to UCAPL in this documentation and the Firepower Management Center web interface can be interpreted as references to DODIN APL.
Federal Information Processing Standards (FIPS) 140: a requirements specification for encryption modules
You can enable security certifications compliance in CC mode or UCAPL mode. Enabling security certifications compliance does not guarantee strict compliance with all requirements of the security mode selected. For more information on hardening procedures, refer to the guidelines for this product provided by the certifying entity.
After you enable this setting, you cannot disable it. If you need to take the appliance out of CC or UCAPL mode, you must reimage the appliance.