Home » Nokia Manuals » Network Security & Firewall Devices » Nokia IP265 » Manual Viewer

Nokia IP265 Security Guide - Page 36

Notes, Only 1024-bit or higher DSA and RSA key sizes should be used in FIPS mode., Nokia

Add to My Manuals
Save this manual to your list of manuals

Page 36 highlights

Figure 5 - Only Pre-shared Keys or Digital Certificates Can Be Used to Authenticate Clients Notes: Only 1024-bit or higher DSA and RSA key sizes should be used in FIPS mode. © Copyright 2005, 2006, 2007 Nokia Page 36 of 43 This document may be freely reproduced and distributed whole and intact including this Copyright Notice.

Section	Page
Introduction	3
Purpose	3
References	3
Nokia VPN Appliance	4
Overview	4
Cryptographic Module	5
Module Interfaces	7
Roles and Services	8
Crypto Officer Role	8
User Role	13
Authentication Mechanisms	13
Crypto Officer Authentication	14
User Authentication	15
Estimated Strength of the Authentication Mechanisms	15
Electromechanical Interference/Compatibility (FCC Compliance)	16
Physical Security	16
Operational Environment	16
Cryptographic Key Management	17
Key Generation	23
Key Establishment	23
Key Entry and Output	23
Key Storage	23
Key Zeroization	23
Self-Tests	24
Design Assurance	25
Mitigation of Other Attacks	25
Secure Operation (Approved Mode)	26
Crypto Officer Guidance	26
Hardware Setup	26
Applying the Tamper-Evident Seal(s)	26
Module Initialization	28
Installing, Upgrading or Downgrading the Module Firmware	28
SCENARIO 1 – Upgrade Check Point VPN-1 module to	29
SCENARIO 2 – Upgrade both the IPSO and Check Poin	30
Initializing Check Point Modules	31
Setting the Module to FIPS Mode	32
Initializing the Remote Management of the Module	32
Management and Monitoring	33
User Guidance	39
APPENDIX A – Disabled Mechanisms	41
Appendix B – Algorithm Validation Certificate Num	42