Cisco 2811 - Voice Security Bundle Router 운영 - 페이지 19

{카테고리_이름} Cisco 2811 - Voice Security Bundle Router에 대한 운영을 온라인으로 검색하거나 PDF를 다운로드하세요. Cisco 2811 - Voice Security Bundle Router 31 페이지. Integrated services routers
Cisco 2811 - Voice Security Bundle Router에 대해서도 마찬가지입니다: 빠른 시작 매뉴얼 (45 페이지)

Cisco 2811 - Voice Security Bundle Router 운영
The tamper evidence seals are produced from a special thin gauge vinyl with self-adhesive
backing. Any attempt to open the router will damage the tamper evidence seals or the material of
the module cover. Since the tamper evidence seals have non-repeated serial numbers, they can be
inspected for damage and compared against the applied serial numbers to verify that the module
has not been tampered. Tamper evidence seals can also be inspected for signs of tampering,
which include the following: curled corners, bubbling, crinkling, rips, tears, and slices. The word
"OPEN" may appear if the label was peeled back.

2.5 Cryptographic Key Management

The router securely administers both cryptographic keys and other critical security parameters
such as passwords. The tamper evidence seals provide physical protection for all keys. All keys
are also protected by the password-protection on the Crypto Officer role login, and can be
zeroized by the Crypto Officer. All zeroization consists of overwriting the memory that stored
the key. Keys are exchanged and entered electronically or via Internet Key Exchange (IKE) or
SSL handshake protocols.
The routers support the following FIPS-2 approved algorithm implementations:
Algorithm
AES
Triple-DES
SHA-1, SHA-256, SHA-512
HMAC-SHA-1
X9.31 PRNG
RSA
AES
Triple-DES
SHA-1
HMAC-SHA-1
AES
Triple-DES
SHA-1
HMAC-SHA-1
X9.31 PRNG
RSA
The router is in the approved mode of operation only when FIPS 140-2 approved algorithms are
used (except DH and RSA key transport which are allowed in the approved mode for key
establishment despite being non-approved).
Note: The module supports DH key sizes of 1024 and 1536 bits and RSA key sizes of 1024,
1536 and 2048 bits. Therefore, the Diffie Hellmann Key agreement, key establishment
methodology provides between 80-bits and 96-bits of encryption strength per NIST 800-57. RSA
© Copyright 2007 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Software (IOS) Implementations
Onboard NetGX Implementations
AIM Module Implementations
19
Algorithm Certificate Number
795
683
794
436
456
379
265
347
344
77
100
213
401
38
80
383