Download Print this page

Unauthenticated Services; Physical Security; Module Opacity - Cisco 7609-S User Manual

With supervisor sup720-3b

Hide thumbs Also See for 7609-S:

Installation manual (120 pages)

,

Configuration manual (1011 pages)

,

Installation manual (324 pages)

Table Of Contents

Table of Contents

Advertisement

Manage the router

(r, w)

Perform Self-Tests

r: read, w: write, x: execute, z: zeroize

2.3.3 Unauthenticated Services

The services available to unauthenticated users are:

• Viewing the status output from the module's LEDs

• Powering the module on and off using the power switch on the third-party chassis

2.4

Physical Security

This module is a multi-chip standalone cryptographic module.

The FIPS 140-2 level 2 physical security requirements for the modules are met by the use of

opacity shields covering the front panels of modules to provide the required opacity and tamper

evident seals to provide the required tamper evidence. The following sections illustrate the

physical security provided by the module.

The tamper evident labels and opacity shields shall be installed for the module to operate in a

FIPS Approved mode of operation. The following table shows the number of tamper evident

labels and opacity shields. The CO is responsible for securing and having control at all times of

any unused tamper evident labels.

2.4.1 Module Opacity

To install an opacity shield on the module, follow these steps:

1. The opacity shield is designed to be installed on a Catalyst 7606-S chassis that is already

rack-mounted. If your Cisco 7606-S chassis is not rack-mounted, install the chassis in the

© Copyright 2011 Cisco Systems, Inc.

This document may be freely reproduced and distributed whole and intact including this Copyright Notice.

status.

Log off users, shutdown or reload the

router, erase the flash memory,

manually back up router

configurations, view complete

configurations, manager user rights,

and restore router configurations.

Perform the FIPS 140 start-up tests on

demand

Table 5 - Crypto Officer Services

Model

Tamper Evident Labels

7606-S

20

7609-S

15

Opacity Shields

1

N/A

Table 6 – TELs

11

User password, Enable

password, RADIUS secret,

TACACS+ secret, DH shared

secret, Router Authentication

key, PPP authentication key,

SSH private key

N/A

Table of Contents

Show Quick Links

Hide quick links:

Advertisement

Table of Contents

This manual is also suitable for:

7606-s