Manuals / Cisco Systems / Computer Equipment / Network Router

Cisco Systems 7206VXR NPE-400 manual Introduction

Models: 7206VXR NPE-400

1 22

Download 22 pages 11.99 Kb

Page 1

Introduction

FIPS 140-2 Nonproprietary Security Policy for Cisco 7206VXR NPE-400 Router with VAM

Introduction

This is a non-proprietary Cryptographic Module Security Policy for Cisco Systems. This security policy describes how the 7206 VXR NPE-400 with VPN Acceleration Module (VAM) (Hardware Version: 7206-VXR; VAM: Hardware Version 1.0, Board Version A0; Firmware Version: Cisco IOS software Version12.3(3d)) meets the security requirements of FIPS 140-2 and how to run the module in a secure FIPS 140-2 mode. This policy was prepared as part of the Level 2 FIPS 140-2 validation of the module.

Note This document may be copied in its entirety and without modification. All copies must include the copyright notice and statements on the last page.

FIPS 140-2 (Federal Information Processing Standards Publication 140-2 — Security Requirements for Cryptographic Modules) details the U.S. Government requirements for cryptographic modules. More information about the FIPS 140-2 standard and validation program is available on the NIST website at http://csrc.nist.gov/cryptval/.

This document includes the following sections:

•Introduction, page 1

•FIPS 140-2 Submission Package, page 2

•Overview, page 2

•Cryptographic Module, page 3

•Module Interfaces, page 3

•Roles and Services, page 6

•Physical Security, page 8

•Cryptographic Key Management, page 9

•Self-Tests, page 15

•Secure Operation, page 16

•Obtaining Documentation, page 17

Corporate Headquarters:

Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA

Copyright © 2004 Cisco Systems, Inc. All rights reserved.

Image 1

Cisco Systems 7206VXR NPE-400 manual Introduction, page FIPS 140-2 Submission Package, page Overview, page

Contents

Introduction Roles and Services, page Physical Security, pageIntroduction, page FIPS 140-2 Submission Package, page Overview, page Cryptographic Module, page Module Interfaces, pageOverview FIPS 140-2 Submission PackageDocumentation Feedback, page Obtaining Technical Assistance, page Obtaining Additional Publications and Information, pageModule Interfaces Cryptographic ModuleFigure 1 Cisco 7206VXR NPE-400 Router Front View Description IndicationFigure 2 Cisco 7206VXR Router Front Panel LEDs Color LED LabelState FunctionRouter Physical Interface Roles and ServicesFIPS 140-2 Logical Interface User Role Crypto Officer RolePhysical Security Cryptographic Key Management Storage CSP NameDescription Critical Security ParametersCSP Name crypto ca trust label commandDescription StorageDescription CSP NameStorage Cryptographic Key Management Figure 6 Role and Service Access to CSPsOL-3959-01 The module supports three types of key management schemes Key Zeroization Self-TestsSystem Initialization and Configuration Initial SetupSecure Operation Obtaining Documentation Remote AccessIPSec Requirements and Cryptographic Algorithms ProtocolsObtaining Technical Assistance Documentation FeedbackOrdering Documentation Definitions of Service Request Severity Submitting a Service RequestCisco Technical Support Website http//tools.cisco.com/RPF/register/register.dohttp//cisco.com/univercd/cc/td/doc/pcat Obtaining Additional Publications and InformationOL-3959-01 Obtaining Additional Publications and InformationCopyright 2004 Cisco Systems, Inc. All rights reserved OL-3959-01 Obtaining Additional Publications and Information