Cisco 2821 Series 운영 - 페이지 29

{카테고리_이름} Cisco 2821 Series에 대한 운영을 온라인으로 검색하거나 PDF를 다운로드하세요. Cisco 2821 Series 31 페이지. 2800 series integrated services routers
Cisco 2821 Series에 대해서도 마찬가지입니다: 설치 및 업그레이드 (21 페이지), 데이터시트 (20 페이지), 운영 (31 페이지), 빠른 시작 매뉴얼 (47 페이지)

Cisco 2821 Series 운영
3.2

System Initialization and Configuration

1. The Crypto Officer must perform the initial configuration. IOS
Advanced Security build (advsecurity) is the only allowable image; no other image
should be loaded.
2. The value of the boot field must be 0x0102. This setting disables break from the console
to the ROM monitor and automatically boots the IOS image. From the "configure
terminal" command line, the Crypto Officer enters the following syntax:
config-register 0x0102
3. The Crypto Officer must create the "enable" password for the Crypto Officer role. The
password must be at least 8 characters (all digits; all lower and upper case letters; and all
special characters except '?' are accepted) and is entered when the Crypto Officer first
engages the "enable" command. The Crypto Officer enters the following syntax at the
"#" prompt:
enable secret [PASSWORD]
4. The Crypto Officer must always assign passwords (of at least 8 characters) to users.
Identification and authentication on the console port is required for Users. From the
"configure terminal" command line, the Crypto Officer enters the following syntax:
line con 0
password [PASSWORD]
login local
5. RADIUS and TACACS+ shared secret key sizes must be at least 8 characters long.
3.3

IPSec Requirements and Cryptographic Algorithms

1. The only type of key management that is allowed in FIPS mode is Internet Key Exchange
(IKE).
2. Although the IOS implementation of IKE allows a number of algorithms, only the
following algorithms are allowed in a FIPS 140-2 configuration:
ah-sha-hmac
esp-sha-hmac
esp-Triple-DES
esp-aes
3. The following algorithms are not FIPS approved and should not be used during FIPS-
approved mode:
DES
MD-5 for signing
MD-5 HMAC
© Copyright 2007 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
29
version
12.4 (15) T3,