Table of Contents
Advertisement
Figure 1: Tamper Evident Mechanisms, Front of the NetScreen-5400
Juniper NS-5400 Security Policy
•
The enclosures are opaque to visible spectrum radiation.
•
The enclosure includes a removable cover and is protected by
tamper evident seals. These seals also cover the power block at the
back and front of the units. The locations of the tamper evident seals
are shown in Figure 1.
•
IKE, Diffie-Hellman (DH), and RSA encryption are employed for
public key- based key distribution techniques, which are
commercially available public key methods and are known to provide
at least 80-bits of strength as implemented.
•
All keys and unprotected security parameters can be zeroized
through the Unset, Clear, Delete, and Reset commands. Pressing
the hardware reset button will also cause the zeroization of all
plaintext CSPs.
•
The NetScreen-5400 includes the following algorithms:
• FIPS Approved:
DSA
SHA-1
TDES (CBC)
DES (CBC) (transitional phase only valid until May 19, 2007)
AES (CBC)
HMAC-SHA-1
RSA Sign/Verify (PKCS #1)
ANSI X9.31 DRNG
12
Advertisement
Table of Contents
