Cisco Systems 7206VXR NPE-400 manual Fips 140-2 Submission Package, Overview

Page 2

FIPS 140-2 Submission Package

Documentation Feedback, page 18

Obtaining Technical Assistance, page 18

Obtaining Additional Publications and Information, page 20

FIPS 140-2 Submission Package

The Security Policy document is one item in the FIPS 140-2 Submission Package. In addition to this document, the Submission Package includes:

Vendor evidence document

Finite state machine

Module software listing

Other supporting documentation as additional references

With the exception of this Non-Proprietary Security Policy, the FIPS 140-2 Validation Submission Documentation is proprietary to Cisco Systems, Inc. and is releasable only under appropriate non-disclosure agreements. For access to these documents, contact Cisco Systems, Inc. See “Obtaining Technical Assistance” section on page 18.

Overview

Cisco 7206VXR routers support gigabit capabilities to improve data, voice, and video integration in both the service provider and enterprise environments. Cisco 7206VXR routers support a high-speed network services engine (NSE), the high-speed network processing engine (NPE-400), and other network processing engines.

Cisco 7206VXR routers accommodate a variety of network interface port adapters and an Input/Output (I/O) controller. A Cisco 7206VXR router equipped with an NPE-400 supports up to six high-speed port adapters and higher-speed port adapter interfaces including Gigabit Ethernet and OC-12 ATM (Optical Carrier-12 Asynchronous Transfer Mode). Cisco 7206VXR routers accommodate up to two AC-input or DC-input power supplies.

Cisco 7206VXR routers support the following features:

Online insertion and removal (OIR)—Adds, replaces, or removes port adapters without interrupting the system.

Dual hot-swappable, load-sharing power supplies—Provides system power redundancy; if one power supply or power source fails, the other power supply maintains system power without interruption. Also, when one power supply is powered off and removed from the router, the second power supply immediately takes over the router power requirements without interrupting normal operation of the router.

Environmental monitoring and reporting functions—Maintains normal system operation by resolving adverse environmental conditions prior to loss of operation.

Downloadable software—Loads new images into Flash memory remotely, without having to physically access the router.

The Cisco 7206 VXR router incorporates a single VPN Acceleration Module (VAM) cryptographic accelerator card. The VAM is installed in one of the port adapter slots.

FIPS 140-2 Nonproprietary Security Policy for Cisco 7206VXR NPE-400 Router with VAM

2

OL-3959-01

 

 

Page 1 Page 3
Image 2
Page 1 Page 3
Contents Introduction Fips 140-2 Submission Package OverviewCryptographic Module Module InterfacesIO Power OK Indication DescriptionError EnableBoot LED Label Color State FunctionRoles and Services Router Physical Interface Fips 140-2 Logical InterfaceCrypto Officer Role User RolePhysical Security Cryptographic Key Management Cryptographic Key ManagementCSP Name Description Storage CSP16 CSP14CSP15 CSP17CSP27 CSP25CSP26 CSP28Role and Service Access to CSPs Cryptographic Key Management DES KAT Tdes KAT AES KAT SHA-1 KAT Prng KAT Self-TestsKey Zeroization HMAC-SHA-1 KATSecure Operation Initial SetupSystem Initialization and Configuration IPSec Requirements and Cryptographic Algorithms Remote AccessObtaining Documentation ProtocolsOrdering Documentation Documentation FeedbackObtaining Technical Assistance Cisco Technical Support Website Submitting a Service RequestDefinitions of Service Request Severity Obtaining Additional Publications and Information Obtaining Additional Publications and Information OL-3959-01
Top Page Image Contents