Security Management (FIPS Mode)

zeroize

zeroize

WARNING! THE ZEROIZE COMMAND WILL DECOMMISSION THE CPU MODULE AND MAKE IT INOPERABLE (THE CPU WILL NOT REBOOT). THIS COMMAND WILL PERMANENTLY ERASE ALL CRITICAL SECURITY PARAMETERS AND CPU DISK-ON-CHIP MEMORY. A ZEROIZED CPU CONTAINS NO SECURITY DATA OR OPERATING SYSTEM SOFTWARE. A ZEROIZED CPU CAN BE RETURNED TO THE FACTORY FOR REPAIR.

This command is not intended for normal operational use. It is intended as a security measure (per FIPS 140-2 requirements) to allow a SuperUser (Crypto Officer) to completely remove all security-sensitive data that may be required before decommissioning a CPU. This command has two options:

To zeroize only the standby CPU, type zeroize standby

This option is intended primarily for decommissioning a defective CPU module.

To zeroize both CPUs, type zeroize global which will first zeroize the standby CPU and then the online CPU. This option is intended for decommissioning the entire Broadmore system.

11-40

Broadmore 1750 - Release 4.6

Page 306
Image 306
Carrier Access 1750 user manual Zeroize