Primary Responder mode considerations
DAL OS 23.9 and later supports a PR
Primary responder mode that can be enabled on any device. When enabled, the device acts as a Primary Responder PR device with a security-hardened, feature-restricted firmware targeted to comply with AT&T FirstNet® and Verizon ResponseVerify™ security requirements.
|
Features not available |
Features available but disabled by default |
Features enabled when PR mode is enabled |
|---|---|---|
|
Telnet |
SSH* |
FIPS mode |
|
Raw TCP listeners for serial ports |
Wi-Fi pre-configured access points |
|
|
Wi-Fi WPA1 encryption |
Internal serial console port |
|
|
Backup configuration file restore |
USB ports |
|
|
*For DAL OS 25.8 feature release and newer, Primary Responder mode now requires key-based SSH authorization. |
||
Additional considerations
-
Users are prompted to enable two-factor authentication.
-
A notification will appear in both the Web UI and CLI if the DAL device has Primary Responder mode enabled, but there are local users who do not have two-factor authentication enabled.
-
The system custom-default-config CLI command available in release 24.12 cannot be run in Primary Responder mode.