Enterasys Networks XSR-1850, XSR-1805, XSR-3250 manual Copyright 2003 Enterasys Networks Page 4

Page 4

This Security Policy and the other validation submission documentation were produced by Corsec Security, Inc. under contract to Enterasys Networks. With the exception of this Non-Proprietary Security Policy, the FIPS 140-2 Validation Documentation is proprietary to Enterasys Networks and can be released only under appropriate non-disclosure agreements. For access to these documents, please contact Enterasys Networks.

© Copyright 2003 Enterasys Networks Page 4 of 25

This document may be freely reproduced and distributed whole and intact including this Copyright Notice.

Image 4

Contents Fips 140-2 Non-Proprietary Security Policy Table of Contents Purpose ReferencesDocument Organization Copyright 2003 Enterasys Networks Page 3Copyright 2003 Enterasys Networks Page 4 Overview Copyright 2003 Enterasys Networks Page 5Cryptographic Module Copyright 2003 Enterasys Networks Page 7 Module Interfaces EMI/EMCSelf-tests Design Assurance Mitigation of Other Attacks Copyright 2003 Enterasys Networks Page 8Copyright 2003 Enterasys Networks Page 9 Module Physical Ports Fips 140-2 Logical Interface Copyright 2003 Enterasys Networks Page 10Roles and Services Copyright 2003 Enterasys Networks Page 11SSH SnmpVPN IKE Authenticate to the module during IKE. ThisCopyright 2003 Enterasys Networks Page 14 Algorithm using a 1024 bit key pair Physical SecurityOperational Environment Mechanism is as strong as the RSACryptographic Key Management Fips 186-2 Prng Copyright 2003 Enterasys Networks Page 18 Copyright 2003 Enterasys Networks Page 19 Self-Tests Copyright 2003 Enterasys Networks Page 20Mitigation of Other Attacks Design AssuranceCopyright 2003 Enterasys Networks Page 21 Crypto Officer Guidance Copyright 2003 Enterasys Networks Page 22Enter copy running-config startup-config Copyright 2003 Enterasys Networks Page 23User Guidance Copyright 2003 Enterasys Networks Page 24XSR Copyright 2003 Enterasys Networks Page 25