Bug ID 852785: Exposing counters from FIPS device registers allows debugging when cards fail

Last Modified: Aug 02, 2021

Bug Tracker

Affected Product:  See more info
BIG-IP TMOS(all modules)

Fixed In:
16.1.0

Opened: Nov 25, 2019
Severity: 3-Major

Symptoms

FIPS devices may fail due to overuse. There has been no visibility into the numbers of key generation operations performed or the times when temperature ranges have been exceeded.

Impact

Lack of environmental information to diagnose problems.

Conditions

When a FIPS device fails it can be difficult to determine if there were temperature or over use issues.

Workaround

None

Fix Information

A fips_stats table is now maintained and can be queried with the tmctl tool. The statistics are also present in qkviews.

Behavior Change