Cisco Systems Cisco 7206 VXR Self-Tests, Initial Setup, System Initialization and Configuration

Page 11

Secure Operation of the Cisco 7206 VXR NPE-400 Router

Cryptographic Key Management

The router securely administers both cryptographic keys and other critical security parameters such as passwords. The tamper evidence seals provide physical protection for all keys. Keys are also password protected and can be zeroized by the crypto officer. Keys are exchanged manually and entered electronically via manual key exchange or Internet Key Exchange (IKE).

Self-Tests

In order to prevent any secure data from being released, it is important to test the cryptographic components of a security module to insure all components are functioning correctly. The router includes an array of self-tests that are run during startup and periodically during operations. The self-test run at power-up includes a cryptographic known answer test (KAT) on the FIPS-approved cryptographic algorithms (DES, 3DES), on the message digest (SHA-1), and on the Diffie-Hellman algorithm. Also performed at startup are software integrity test using an EDC, and a set of Statistical Random Number Generator (RNG) tests. The following tests are also run periodically or conditionally: a bypass mode test performed conditionally prior to executing IPSec, a software load test for upgrades, and the continuous random number generator test. If any of these self-tests fail, the router transitions into an error state. Within the error state, all secure data transmission is halted and the router outputs status information indicating the failure.

Secure Operation of the Cisco 7206 VXR NPE-400 Router

Cisco 7206 VXR NPE-400 router meets all the Level 2 requirements for FIPS 140-1. Follow the setting instructions provided below to place the module in FIPS mode. Operating this router without maintaining the following settings will remove the module from the FIPS approved mode of operation.

Initial Setup

The crypto officer must apply tamper evidence labels as described in the “Physical Security” section of this document. The crypto officer must securely store tamper evidence labels before use, and any tamper evidence labels not used should also be stored securely.

Only a crypto officer can add and remove port adapters. When removing the tamper evidence label, the crypto officer should remove the entire label from the router and clean the cover of any grease, dirt, or oil with an alcohol-based cleaning pad. The crypto officer must reapply tamper evidence labels on the router as described in the “Physical Security” section in this document.

System Initialization and Configuration

The crypto officer must perform the initial configuration. The IOS version shipped with the router, version 12.1(9)E, is the only allowable image. No other image can be loaded.

The value of the boot field must be 0x0101 (the factory default). This setting disables the break from the console to the ROM monitor and automatically boots the IOS image. From the configure terminal command line, the crypto officer enters the following syntax:

config-register 0x0101

Cisco 7206 VXR Router with ISA Security Policy

11

Page 10 Page 12
Image 11
Page 10 Page 12
Contents Introduction Document Organization 7206 VXR NPE-400 RouterReferences TerminologyPort adapters 7206 VXR NPE-400 Cryptographic ModuleInput/Output Controller Module InterfacesLED Integrated Service AdapterEnabled Router Physical Interface Fips 140-1 Logical Interface Roles and Services Physical Security Cryptographic Officer Services User Services 7206 VXR NPE-400 Router Shows the tamper evidence label placements Cryptographic Key Management Initial SetupSystem Initialization and Configuration Self-TestsProtocols Remote AccessNon FIPS-Approved Algorithms Ordering Documentation Obtaining DocumentationWorld Wide Web Documentation CD-ROMTechnical Assistance Center Contacting TAC by Using the Cisco TAC WebsiteObtaining Technical Assistance Cisco.comContacting TAC by Telephone
Top Page Image Contents