Differences between standard firmware operation and Primary Responder mode

The device firmware version 23.9 and later has a Primary Responder mode that can be enabled on any device. When enabled, the device acts as a Primary Responder (PR) device with a security hardened, feature-restricted firmware targeted to comply with AT&T, FirstNet, and Verizon ResponseVerify security requirements.

When Primary Responder mode is enabled, the following features are not available:

• Telnet access has been removed.

• Raw TCP listeners for serial ports have been removed.

• Wi-Fi:

  • WPA1 encryption has been removed.

  • Any preconfigured access points are disabled by default.

• SSH is disabled by default.

• Users are prompted to enable two-factor authentication.

• A notification will appear in both the Web UI and CLI if the DAL device has Primary Responder mode enabled, but there are local users who do not have two-factor authentication enabled.

• Internal serial console port is disabled by default.

• USB ports are disabled by default.

• FIPS mode is automatically enabled when PR mode is enabled.

• Restoring a backup configuration file is disabled (Restore the device configuration).

• The system custom-default-config CLI command available in release 24.12 cannot be run in Primary Responder mode.