FIPS
722 Administration for the Avaya G250 and Avaya G350 Media Gateways
●
CHAP authentication services must be shut down
●
Modem dial backup must be disabled
●
CNA (Chatter) test plug application must be shut down
●
SLS must be shut down
●
Telnet service must be confined to IPSEC encrypted tunnel
●
SNMP must be confined to SNMPv3 authentication service over an IPSEC encrypted
tunnel
●
TFTP configuration upload/download service must be confined to IPSEC encrypted tunnel
●
FTP configuration upload/download service must be confined to IPSEC encrypted tunnel
●
SCP client service must not be used
●
Usage of Diffie-Hellman Group 1 for IKE key negotiation must be suppressed
●
Usage of MD5 for IKE must be suppressed
●
Usage of MD5 for ESP authentication operation in IPSEC must be suppressed
●
Configuration channel between ICC/LSP (S8300) and Gateway (MGP) must be
suppressed
FIPS-related CLI commands
●
zeroize
●
enhanced security
●
show self-test-status
For a full description see
Avaya G250 and Avaya G350 CLI Reference
, 03-300437
Prerequisites for entering FIPS mode
●
User type – crypto officer
●
FIPS-approved hardware. Version 3.0.x or higher.
●
FIPS-approved Media Gateway firmware. Refer to the “Validation Lists for cryptographic
Standards” on the NIST Web site:
http://crc.nist.gov/cryptval/aes/aesval.html
●
Valid VPN license
Summary of Contents for Media Gateway G250
Page 1: ...Administration for the Avaya G250 and Avaya G350 Media Gateways 03 300436 Issue 5 June 2008 ...
Page 24: ...Contents 24 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 32: ...Introduction 32 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 38: ...Configuration overview 38 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 244: ...Configuring logging 244 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 258: ...Configuring VoIP QoS 258 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 370: ...Configuring SNMP 370 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 548: ...Configuring the router 548 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 664: ...Configuring policy 664 Administration for the Avaya G250 and Avaya G350 Media Gateways ...
Page 686: ...Setting synchronization 686 Administration for the Avaya G250 and Avaya G350 Media Gateways ...