-
Cisco Router Cisco 7206 VXR - page 1
Corporate Headquarters: Copyright © 20 0 1 . Cisco Systems, Inc. All rights reserved. Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134-1706 USA Cisco 7206 VXR Router with ISA Security Policy Introduction This nonpropriet ary Cryptographic Module Security Poli cy describes ho w the 7206 VXR NPE-400 routers meet the security requirem e ...
-
Cisco Router Cisco 7206 VXR - page 2
2 Cisco 7206 VXR Router with ISA Security Policy The 7206 VXR NPE-400 Router References This docume nt deals with operations an d capabiliti es of the 7206 VXR NPE- 400 router in the technical terms of a FIPS 140-1 cryptographic module secu rity policy . For more in formation on Cisco 7206 VXR NPE-400 router and the entire 7200 series, check the fo ...
-
Cisco Router Cisco 7206 VXR - page 3
3 Cisco 7206 VXR Router with ISA Security Policy The 7206 VXR NPE-400 Router Cisco 7200 VXR ro uters accommodate a variety of netw ork interface port adapters and an I/O controller . A Cisco 7200 VXR router equipped with an NPE-400 can su pport up to six high-speed port ad apters and can also support higher-speed po rt adap ter interfaces including ...
-
Cisco Router Cisco 7206 VXR - page 4
4 Cisco 7206 VXR Router with ISA Security Policy The 7206 VXR NPE-400 Router The NPE-400 has three lev els of cache: a primary and a se condary cache that are internal to the microprocessor , and a tertiary 4-MB e xternal cache th at provides additional hi gh-speed storage for data and instructions. Cisco 7206 VXR routers come equipped with one 280 ...
-
Cisco Router Cisco 7206 VXR - page 5
5 Cisco 7206 VXR Router with ISA Security Policy The 7206 VXR NPE-400 Router . All of these physical interf aces are sepa rated into the logi cal interfaces from FIP S as described in Ta b l e 3 . Integrated Service Adapter The ISA is a single-width service adapter . It provides high-perform ance, hardw are-assisted tunneling and encryption service ...
-
Cisco Router Cisco 7206 VXR - page 6
6 Cisco 7206 VXR Router with ISA Security Policy The 7206 VXR NPE-400 Router Fi gu r e 3 L ED s for ISA Cry pto Card Refer to Ta b l e 2 for further description of the ISA LEDs All of these physical interf aces are sepa rated into the logi cal interfaces from FIP S as described in Ta b l e 3 . ENCR YPT/COMP SA-ISA ENABLE BOOT ERROR 17607 T able 2 I ...
-
Cisco Router Cisco 7206 VXR - page 7
7 Cisco 7206 VXR Router with ISA Security Policy The 7206 VXR NPE-400 Router * Disabled in FIPS mode. See the “Secure Operatio n of the Ci sco 7206 VXR NPE-400 Router” section in this document for mor e information. In addition to th e built-in int erfaces, the router also has additional por t adapters that can optionally be placed in an av ail ...
-
Cisco Router Cisco 7206 VXR - page 8
8 Cisco 7206 VXR Router with ISA Security Policy The 7206 VXR NPE-400 Router Cryptographic Officer Services During initial conf iguration of the rout er , a cryptographic of ficer (cryp to off icer) password (t he “enable” password) is def ined and all management services are a vailable fro m this role. The crypto of ficer connects to the route ...
-
Cisco Router Cisco 7206 VXR - page 9
9 Cisco 7206 VXR Router with ISA Security Policy The 7206 VXR NPE-400 Router Once the router has been conf igured to meet FIPS 140-1 Le vel 2 r equirements, the router cannot b e accessed without signs of tamperi ng. T o seal the system, apply serialized tamper -evi dence labels as follo ws: • Clean the co ver of any gr ease, dirt, or oil before ...
-
Cisco Router Cisco 7206 VXR - page 10
10 Cisco 7206 VXR Router with ISA Security Policy The 7206 VXR NPE-400 Router Figure 4 sho ws the tamper evidence label placements. Figure 4 T amper Evidence Label Placement The tamper e vidence seals are prod uced from a special thin gauge vin yl with self- adhesi ve backing. A ny attempt to remo ve port adapters o r service modules will damage th ...
-
Cisco Router Cisco 7206 VXR - page 11
11 Cisco 7206 VXR Router with ISA Security Policy Secure Operation of the Cisco 7206 VXR NPE-400 Router Cryptographic Key Management The router securely administers both crypto graphic ke ys and ot her critical security parameters such as passwords. The tamper e vidence seal s provide physical protec tion for all ke ys. Ke ys are also passw ord pro ...
-
Cisco Router Cisco 7206 VXR - page 12
12 Cisco 7206 VXR Router with ISA Security Policy Secure Operation of the Cisco 7206 VXR NPE-400 Router • The crypto off icer must create the “enable” pas sw ord for the crypto off icer role. The pas sw ord must be at least 8 characters and is entered when the crypto of ficer f irst engages the enable command. The crypto off icer enters the f ...
-
Cisco Router Cisco 7206 VXR - page 13
13 Cisco 7206 VXR Router with ISA Security Policy Obtaining Documentation • T elnet access to the module is only allo wed via a secure IPSec tunnel between the remote syste m and the module. The cry pto off icer must conf igure the module so that any remote connection s via telnet are secured through IPSec. Obtaining Documentation The follo wing ...
-
Cisco Router Cisco 7206 VXR - page 14
14 Cisco 7206 VXR Router with ISA Security Policy Obtaining Technica l Assistance T o submit your comments b y mail, use the response card behind t he front cove r of your document, or write to the follo wing address: Attn Document Resource Connection Cisco Systems, Inc. 170 W est T asman Driv e San Jose, CA 95134-9883 W e appreciate your comments. ...
-
Cisco Router Cisco 7206 VXR - page 15
15 Cisco 7206 VXR Router with ISA Security Policy Obtaining Technical Assistance P3 and P4 le vel problems are def ined as follo ws: • P3—Y our network performance is de graded. Network f unctionality is noticeably impaired, b ut most busine ss operations continue. • P4—Y ou need information or assistance on Cisco product capabilities, p ro ...
-
Cisco Router Cisco 7206 VXR - page 16
16 Cisco 7206 VXR Router with ISA Security Policy Obtaining Technica l Assistance ...
Cisco Router Cisco 7206 VXRについてご質問がありますか?
次のフォームを使用してください
見つけた説明書を読んでもCisco Router Cisco 7206 VXRの問題を解決できない場合、下記のフォームを使用して質問をしましょう。ユーザーのどなたかがCisco Router Cisco 7206 VXRで同様の問題を抱えていた場合、その解決方法を共有したいと考えるかもしれません。