FIPS Cryptography
Federal information processing standard (FIPS) cryptography provides cryptographic algorithms conforming to various FIPS standards
published by the National Institute of Standards and Technology (NIST), a non-regulatory agency of the US Department of Commerce.
FIPS mode is also validated for numerous platforms to meet the FIPS-140-2 standard for a software-based cryptographic module.
This chapter describes how to enable FIPS cryptography requirements on Dell Networking platforms.
NOTE:
The Dell Networking OS uses an embedded FIPS 140-2-validated cryptography module (Certificate #1747) running on
NetBSD 5.1 per FIPS 140-2 Implementation Guidance section G.5 guidelines.
NOTE:
Only the following features use the embedded FIPS 140-2-validated cryptography module:
•
SSH Client
•
SSH Server
•
RSA Host Key Generation
•
SCP File Transfers
Currently, other features using cryptography do not use the embedded FIPS 140-2-validated cryptography module.
Topics:
•
•
•
•
•
•
Configuration Tasks
To enable FIPS cryptography, complete the following configuration tasks.
•
•
•
•
•
Preparing the System
Before you enable FIPS mode, Dell Networking recommends making the following changes to your system.
1
Disable the Telnet server (only use secure shell [SSH] to access the system).
2
Disable the FTP server (only use secure copy [SCP] to transfer files to and from the system).
3
Attach a secure, standalone host to the console port for the FIPS configuration to use.
17
344
FIPS Cryptography
Содержание S4048T-ON
Страница 1: ...Dell Configuration Guide for the S4048 ON System 9 11 2 1 ...
Страница 148: ...Figure 10 BFD Three Way Handshake State Changes 148 Bidirectional Forwarding Detection BFD ...
Страница 251: ...Dell Control Plane Policing CoPP 251 ...
Страница 363: ... RPM Synchronization GARP VLAN Registration Protocol GVRP 363 ...
Страница 511: ...Figure 64 Inspecting the LAG Configuration Link Aggregation Control Protocol LACP 511 ...
Страница 512: ...Figure 65 Inspecting Configuration of LAG 10 on ALPHA 512 Link Aggregation Control Protocol LACP ...
Страница 515: ...Figure 67 Inspecting a LAG Port on BRAVO Using the show interface Command Link Aggregation Control Protocol LACP 515 ...
Страница 516: ...Figure 68 Inspecting LAG 10 Using the show interfaces port channel Command 516 Link Aggregation Control Protocol LACP ...
Страница 558: ...Figure 84 Configuring Interfaces for MSDP 558 Multicast Source Discovery Protocol MSDP ...
Страница 559: ...Figure 85 Configuring OSPF and BGP for MSDP Multicast Source Discovery Protocol MSDP 559 ...
Страница 560: ...Figure 86 Configuring PIM in Multiple Routing Domains 560 Multicast Source Discovery Protocol MSDP ...
Страница 564: ...Figure 88 MSDP Default Peer Scenario 2 564 Multicast Source Discovery Protocol MSDP ...
Страница 565: ...Figure 89 MSDP Default Peer Scenario 3 Multicast Source Discovery Protocol MSDP 565 ...
Страница 729: ...protocol spanning tree pvst no disable vlan 300 bridge priority 4096 Per VLAN Spanning Tree Plus PVST 729 ...
Страница 841: ...Figure 115 Single and Double Tag TPID Match Service Provider Bridging 841 ...
Страница 842: ...Figure 116 Single and Double Tag First byte TPID Match 842 Service Provider Bridging ...