Security Management (FIPS Mode)
Enabling SecurID
4.Log into the Broadmore using a conventional terminal emulator such as Telnet (see “Logging In” on page
5.Start up the CAMMI interface by entering the following command at the Broadmore prompt:
cammi ↵
6.Verify that the Broadmore is not in FIPS mode by observing that the CAMMI Help / About Security screen shows that FIPS mode is inactive.
Enabling SecurID
NOTE: SecurID is only available when FIPS mode is turned on (see “Enabling FIPS Mode” on page
Only a Superuser (Crypto Officer) can change the security modes. The Broadmore is shipped from the factory with SecurID turned off. The security mode can only be changed after successfully logging into the Broadmore while in its current security mode.
SecurID requires that the Broadmore CPUs be set up for use with a SecurID server. Each CPU must be set up one at a time. In a redundant system, one CPU must be temporarily removed while the other is being set up.
SecurID requires the following:
RSA SecurID server version 5.0 or higher
SSH terminal emulator, such as SecureCRT
SFTP software, such as SecureFX
Ethernet connection to both CPUs
1. If the Broadmore has two CPUs, remove the CPU that is not on line.
Broadmore 1750 - Release 4.6 |
