Table of Contents
1
INTRODUCTION
.......................................................................................................
3
1.1
P
URPOSE
..............................................................................................................
3
1.2
R
EFERENCES
........................................................................................................
3
2
NOKIA VPN APPLIANCE
.........................................................................................
4
2.1
O
VERVIEW
............................................................................................................
4
2.2
C
RYPTOGRAPHIC
M
ODULE
.....................................................................................
5
2.3
M
ODULE
I
NTERFACES
.............................................................................................
7
2.4
R
OLES AND
S
ERVICES
............................................................................................
8
2.4.1
Crypto Officer Role
........................................................................................
8
2.4.2
User Role
....................................................................................................
14
2.4.3
Authentication Mechanisms
.........................................................................
14
2.5
E
LECTROMECHANICAL
I
NTERFERENCE
/C
OMPATIBILITY
(FCC
C
OMPLIANCE
)
.............
16
2.6
P
HYSICAL
S
ECURITY
............................................................................................
16
2.7
O
PERATIONAL
E
NVIRONMENT
...............................................................................
16
2.8
C
RYPTOGRAPHIC
K
EY
M
ANAGEMENT
....................................................................
17
2.8.1
Key Generation
...........................................................................................
23
2.8.2
Key Establishment
.......................................................................................
23
2.8.3
Key Entry and Output
..................................................................................
23
2.8.4
Key Storage
.................................................................................................
23
2.8.5
Key Zeroization
...........................................................................................
23
2.9
S
ELF
-T
ESTS
........................................................................................................
24
2.10
D
ESIGN
A
SSURANCE
............................................................................................
25
2.11
M
ITIGATION OF
O
THER
A
TTACKS
...........................................................................
25
3
SECURE OPERATION (APPROVED MODE)
........................................................
26
3.1
C
RYPTO
O
FFICER
G
UIDANCE
................................................................................
26
3.1.1
Hardware Setup
..........................................................................................
26
3.1.2
Installing, Upgrading or Downgrading the Module Firmware
.......................
28
3.1.3
Initializing Check Point Modules
..................................................................
31
3.1.4
Setting the Module to FIPS Mode
................................................................
32
3.1.5
Initializing the Remote Management of the Module
.....................................
32
3.1.6
Management and Monitoring
.......................................................................
33
3.2
U
SER
G
UIDANCE
.................................................................................................
39
APPENDIX A – DISABLED MECHANISMS
.................................................................
41
APPENDIX B – ALGORITHM VALIDATION CERTIFICATE NUMBERS
....................
42
APPENDIX C
– ACRONYM DEFINITIONS
.................................................................
43
© Copyright 2005, 2006, 2007
Nokia
Page 2 of 43
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.