Cisco 2651 Benutzerhandbuch - Seite 44

Blättern Sie online oder laden Sie pdf Benutzerhandbuch für Netzwerk-Router Cisco 2651 herunter. Cisco 2651 48 Seiten. Non-proprietary security policy

Cisco 2651 Benutzerhandbuch

Related Documentation

IPSec Requirements and Cryptographic Algorithms
Protocols
All SNMP operations must be performed within a secure IPSec tunnel.

Remote Access

Related Documentation
For more information about the Cisco 1721, 1760, 2621XM, 2651XM, 2691, 3725, 3745, and 7206 VXR
modular access routers, refer to the following documents:
Cisco 1721, 1760, 2621XM, 2651XM, 2691, 3725, and 3745 Modular Access Routers and 7206-VXR NPE-400 Router FIPS 140-2 Non-Proprietary
44
There are two types of key management method that are allowed in FIPS mode: Internet Key
Exchange (IKE) and IPSec manually entered keys.
Although the Cisco IOS implementation of IKE allows a number of algorithms, only the following
algorithms are allowed in a FIPS 140-2 configuration:
ah-sha-hmac
esp-des
esp-sha-hmac
esp-3des
esp-aes
The following algorithms are not FIPS approved and should be disabled:
MD-4 and MD-5 for signing
MD-5 HMAC
Telnet access to the module is only allowed via a secure IPSec tunnel between the remote system
and the module. The Crypto officer must configure the module so that any remote connections via
telnet are secured through IPSec.
SSH access to the module is only allowed if SSH is configured to use a FIPS-approved algorithm.
The Crypto officer must configure the module so that SSH uses only FIPS-approved algorithms.
Cisco 1721 Access Router Hardware Installation Guide
Cisco 1760 Modular Access Router Hardware Installation Guide
Cisco 1700 Series Router Software Configuration Guide
Cisco 2600 Series Modular Routers Quick Start Guide
Cisco 2600 Series Hardware Installation Guide
Software Configuration Guide for Cisco 2600 Series, Cisco 3600 Series, and Cisco 3700 Series
Routers
Cisco 3725 Router Quick Start Guide
Cisco 3745 Router Quick Start Guide
OL-6083-01