Cisco 2851 - Integrated Services Router 사용자 설명서 - 페이지 16
{카테고리_이름} Cisco 2851 - Integrated Services Router에 대한 사용자 설명서을 온라인으로 검색하거나 PDF를 다운로드하세요. Cisco 2851 - Integrated Services Router 25 페이지. Power up and initial configuration procedures
Cisco 2851 - Integrated Services Router에 대해서도 마찬가지입니다: 설치 및 업그레이드 (21 페이지), 데이터시트 (20 페이지), 빠른 시작 매뉴얼 (47 페이지), 구성 (10 페이지)
Cisco 2851 Routers
Self-Tests
In order to prevent any secure data from being released, it is important to test the cryptographic
components of a security module to insure all components are functioning correctly. The router includes
an array of self-tests that are run during startup and periodically during operations. All self-tests are
implemented by the software. An example of self-tests run at power-up is a cryptographic known answer
test (KAT) on each of the FIPS-approved cryptographic algorithms and on the Diffie-Hellman algorithm.
Examples of tests performed at startup are a software integrity test using an EDC, and a set of Statistical
Random Number Generator (RNG) tests. Examples of tests run periodically or conditionally include: a
bypass mode test performed conditionally prior to executing IPSec, and a continuous random number
generator test. If any of the self-tests fail, the router transitions into an error state. In the error state, all
secure data transmission is halted and the router outputs status information indicating the failure.
Examples of the errors that cause the system to transition to an error state:
•
•
•
•
•
Self-tests performed by the IOS image
IOS Self Tests
•
•
Self-tests performed by Safenet
Safenet Self Tests
•
Cisco 2851 Integrated Services Router FIPS 140-2 Non Proprietary Security Policy
16
IOS image integrity checksum failed
Microprocessor overheats and burns out
Known answer test failed
NVRAM module malfunction.
Temperature high warning
POST tests
AES Known Answer Test
–
Software/firmware test
–
Power up bypass test
–
RNG Known Answer Test
–
Diffie Hellman test
–
HMAC-SHA-1 Known Answer Test
–
SHA-1 Known Answer Test
–
DES Known Answer Test
–
3DES Known Answer Test
–
Conditional tests
Conditional bypass test
–
Continuous random number generation test
–
POST tests
AES Known Answer Test
–
DES Known Answer Test
–
OL-8717-01