Cisco 2811 Series 운영 - 페이지 30

{카테고리_이름} Cisco 2811 Series에 대한 운영을 온라인으로 검색하거나 PDF를 다운로드하세요. Cisco 2811 Series 31 페이지. 2800 series integrated services routers
Cisco 2811 Series에 대해서도 마찬가지입니다: 데이터시트 (20 페이지), 운영 (31 페이지), 설치 및 업그레이드 (14 페이지), 빠른 시작 매뉴얼 (47 페이지)

페이지 인쇄

3.4

Protocols

1. SNMP v3 over a secure IPSec tunnel may be employed for authenticated, secure SNMP

gets and sets. Since SNMP v2C uses community strings for authentication, only gets are

allowed under SNMP v2C.

3.5

SSLv3.1/TLS Requirements and Cryptographic Algorithms

When negotiating SSLv3.1/TLS cipher suites, only FIPS approved algorithms must be

specified.

All other versions of SSL except version 3.1 must not be used in FIPS mode of operation

The following algorithms are not FIPS approved and should not be used in the FIPS-

approved mode:

MD5

RC4

RC2

DES

3.6

Remote Access

1. Telnet access to the module is only allowed via a secure IPSec tunnel between the remote

system and the module. The Crypto officer must configure the module so that any remote

connections via telnet are secured through IPSec, using FIPS-approved algorithms. Note

that all users must still authenticate after remote access is granted.

2. SSH access to the module is only allowed if SSH is configured to use a FIPS-approved

algorithm. The Crypto officer must configure the module so that SSH uses only FIPS-

approved algorithms. Note that all users must still authenticate after remote access is

granted.

This document may be freely reproduced and distributed whole and intact including this Copyright Notice.