Security Settings - Raritan Dominion KX III User Manual

Chapter 9: Administration Features

Security Settings

148
The User Station optionally uses a FIPS 140-2 encryption module that
supports the Security Requirements for Cryptographic Modules of the
Federal Information Processing Standards (FIPS), which is defined in the
FIPS PUB 140-2 (http://www.nist.gov/cmvp/), Annex A: Approved Security
Functions
. These standards are used to protect the Federal
government's sensitive information with the cryptographic-based
security systems in the U.S. and Canada.
The Check KX Device Certificates option allows Dominion User Station to
enforce SSL certificate checks in communication with the KX3 for both
port information and KVM sessions.
When FIPS mode is enabled, all encrypted connections to KX III KVM
switches are processed using the FIPS accredited cryptographic code
and the authenticity of those KVM switches is checked via their
certificate chain. When Check KX Device Certificate is enabled,
authenticity of KVM switches is checked via their certificate chain. You
must install the trusted device- or root-certificate of each KX III KVM
switch on the User Station, or the connection to the KVM switches fails.
Certificates
See (see "
Important: In the FIPS mode, the User Station CANNOT connect to
any targets on a KX3 or CC-SG with Security setting TLS 1.2 only.
Note: The LDAPS connections, which have the encrypted LDAP enabled,
are NOT using the FIPS accredited cryptographic code.
To enable or disable the FIPS mode:
1. Click Administration > Security Settings. The Security Settings page
opens.
indicates the setting is enabled.

Trusted Certificates
" on page 141).