Non-Fips Approved Algorithms; Zeroization - Juniper SSG 5 Manual

Hide thumbs Also See for SSG 5:

Hardware installation (64 pages)

Manual (21 pages)

Datasheet (13 pages)

Table Of Contents

Table of Contents

•

HMAC-SHA-1, HMAC-SHA-256

•

RSA Sign/Verify (PKCS #1)

•

ANSI X9.31 DRNG

The module supports the following communication protocols which are allowed in FIPS mode:

•

SSL v3.1

•

SSH v2

•

IPSec

Non-FIPS Approved Algorithms

The following non-approved algorithms are allowed in FIPS mode:

•

DH (key agreement, key establishment methodology provides 97 or 112 bits of strength)

•

Elliptic Curve Diffie-Hellman (key establishment methodology provides 128 bits of

strength)

•

NDRNG

The following non-approved algorithms/protocols are disabled in FIPS mode:

•

RSA encryption/decryption

•

DES

•

MD5

•

SNMP v3

Zeroization

All keys and unprotected security parameters can be individually zeroized through the Unset, Clear,

Delete, and Reset commands. Pressing the hardware reset button or issuing the "unset vendor-def"

CLI command will cause the zeroization of all CSPs by reseting the device configuration to the factory

default values.

Juniper Networks SSG 5 and SSG 20 Security Policy

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

This manual is also suitable for:

Ssg 20

Non-Fips Approved Algorithms; Zeroization - Juniper SSG 5 Manual

Non-FIPS Approved Algorithms

Zeroization

Hide quick links:

Related Manuals for Juniper SSG 5

Related Content for Juniper SSG 5

This manual is also suitable for:

Table of Contents