FIPS Cryptography
Federal information processing standard (FIPS) cryptography provides cryptographic algorithms conforming to various FIPS standards
published by the National Institute of Standards and Technology (NIST), a non-regulatory agency of the US Department of Commerce.
FIPS mode is also validated for numerous platforms to meet the FIPS-140-2 standard for a software-based cryptographic module.
This chapter describes how to enable FIPS cryptography requirements on Dell Networking platforms.
NOTE:
The Dell Networking OS uses an embedded FIPS 140-2-validated cryptography module (Certificate #1747) running on
NetBSD 5.1 per FIPS 140-2 Implementation Guidance section G.5 guidelines.
NOTE:
Only the following features use the embedded FIPS 140-2-validated cryptography module:
•
SSH Client
•
SSH Server
•
RSA Host Key Generation
•
SCP File Transfers
Currently, other features using cryptography do not use the embedded FIPS 140-2-validated cryptography module.
Topics:
•
•
•
•
•
•
Configuration Tasks
To enable FIPS cryptography, complete the following configuration tasks.
•
•
•
•
•
Preparing the System
Before you enable FIPS mode, Dell Networking recommends making the following changes to your system.
1
Disable the Telnet server (only use secure shell [SSH] to access the system).
2
Disable the FTP server (only use secure copy [SCP] to transfer files to and from the system).
3
Attach a secure, standalone host to the console port for the FIPS configuration to use.
14
268
FIPS Cryptography
Содержание S3048-ON
Страница 1: ...Dell Configuration Guide for the S3048 ON System 9 11 2 5 ...
Страница 137: ...0 Gi 1 1 Gi 1 2 rx Flow N A N A 0 0 No N A N A yes Access Control Lists ACLs 137 ...
Страница 142: ...Figure 10 BFD Three Way Handshake State Changes 142 Bidirectional Forwarding Detection BFD ...
Страница 241: ...Dell Control Plane Policing CoPP 241 ...
Страница 287: ... RPM Synchronization GARP VLAN Registration Protocol GVRP 287 ...
Страница 428: ...Figure 53 Inspecting the LAG Configuration 428 Link Aggregation Control Protocol LACP ...
Страница 429: ...Figure 54 Inspecting Configuration of LAG 10 on ALPHA Link Aggregation Control Protocol LACP 429 ...
Страница 432: ...Figure 56 Inspecting a LAG Port on BRAVO Using the show interface Command 432 Link Aggregation Control Protocol LACP ...
Страница 433: ...Figure 57 Inspecting LAG 10 Using the show interfaces port channel Command Link Aggregation Control Protocol LACP 433 ...
Страница 477: ...Figure 73 Configuring Interfaces for MSDP Multicast Source Discovery Protocol MSDP 477 ...
Страница 478: ...Figure 74 Configuring OSPF and BGP for MSDP 478 Multicast Source Discovery Protocol MSDP ...
Страница 479: ...Figure 75 Configuring PIM in Multiple Routing Domains Multicast Source Discovery Protocol MSDP 479 ...
Страница 483: ...Figure 77 MSDP Default Peer Scenario 2 Multicast Source Discovery Protocol MSDP 483 ...
Страница 484: ...Figure 78 MSDP Default Peer Scenario 3 484 Multicast Source Discovery Protocol MSDP ...
Страница 634: ...protocol spanning tree pvst no disable vlan 300 bridge priority 4096 634 Per VLAN Spanning Tree Plus PVST ...
Страница 745: ...Figure 104 Single and Double Tag TPID Match Service Provider Bridging 745 ...
Страница 746: ...Figure 105 Single and Double Tag First byte TPID Match 746 Service Provider Bridging ...