Nshield Connect Physical Security Controls - Entrust nShield Security Manual
Hide thumbs
Also See for nShield:
- Installation manual (73 pages) ,
- Hardware and setup manual (26 pages) ,
- Quick start manual (2 pages)
Table of Contents
Advertisement
In the case of the battery removal/failure tamper event, the tamper
event can only be actioned upon the next application of mains power
(with the battery removed). Once this tamper event is complete (and
all non-protected secrets are erased) the HSM should blink the morse
code pattern on the LED for low battery voltage <2.5V to indicate that
there are no secrets within the HSM to the customer. However, in the
unlikely scenario that the HSM is non-functional to the point where the
Security Processor will not wake up after mains power is applied, the
non-protected secrets will never be erased. Therefore, the customer
must monitor for the correct morse code sequence to indicate that all
non-protected secrets have been erased. If the LED does not blink the
prescribed pattern then the nShield Solo XC must be physically,
securely destroyed.
For guidance on how to respond to a tamper, see
8.4. nShield Connect physical security controls
This section provides an overview of the physical security measures that have been
implemented to protect your nShield Connect. You are also shown how to:
• Check the physical security of your nShield Connect
• Disable and re-enable tamper detection functionality on your nShield Connect.
The tamper detection and response functionality on the nShield Connect provides
additional physical security, over and above that provided by the tamper evident
holographic security seal, and alerts you to tampering in an operational environment.
There is a removable lid on top of the nShield Connect, protected by the security seal
and tamper detection switches. To prevent the insertion of objects into the nShield
Connect, tamper resistant baffles are placed behind vents.
To optimize their effectiveness, use the physical security measures implemented on the
nShield Connect in association with your security policies and procedures.
The FIPS 140-2 Level 3 cryptographic boundary is at the nShield Solo.
For more information about FIPS 140-2, see
publications/fips/fips140-2/fips1402.pdf.
8.4.1. Tamper event
The nShield Connect offers several layers of tamper protection. The outer boundary
nShield® Security Manual
Security Incident and
http://csrc.nist.gov/
Response.
58 of 90
Advertisement
Table of Contents
Need help?
Do you have a question about the nShield and is the answer not in the manual?