Use of a USB entropy token during the boot process is now enabled by default when using a FortiGate in Federal Information Processing Standards-Common Criteria (FIPS-CC) mode. If a FortiGate unit in this mode does not have an USB entropy token inserted, it is unable to complete the boot process will display the following message: Please insert entropy token to continue boot process.

Entropy token use can be disabled from the CLI. It can also be enabled on a FortiGate unit in normal mode (by default, entropy tokens are disabled in normal mode).