Cisco 7609-S User Guide - Page 11

Manage the router (r, w) Perform Self-Tests status. Log off users, shutdown or reload the router, erase the flash memory, manually back up router configurations, view complete configurations, manager user rights, and restore router configurations. Perform the FIPS 140 start-up tests on demand User password, Enable password, RADIUS secret, TACACS+ secret, DH shared secret, Router Authentication key, PPP authentication key, SSH private key N/A r: read, w: write, x: execute, z: zeroize Table 5 - Crypto Officer Services 2.3.3 Unauthenticated Services The services available to unauthenticated users are: • Viewing the status output from the module's LEDs • Powering the module on and off using the power switch on the third-party chassis 2.4 Physical Security This module is a multi-chip standalone cryptographic module. The FIPS 140-2 level 2 physical security requirements for the modules are met by the use of opacity shields covering the front panels of modules to provide the required opacity and tamper evident seals to provide the required tamper evidence. The following sections illustrate the physical security provided by the module. The tamper evident labels and opacity shields shall be installed for the module to operate in a FIPS Approved mode of operation. The following table shows the number of tamper evident labels and opacity shields. The CO is responsible for securing and having control at all times of any unused tamper evident labels. Model 7606-S 7609-S Tamper Evident Labels Opacity Shields 20 1 15 N/A 2.4.1 Module Opacity Table 6 - TELs To install an opacity shield on the module, follow these steps: 1. The opacity shield is designed to be installed on a Catalyst 7606-S chassis that is already rack-mounted. If your Cisco 7606-S chassis is not rack-mounted, install the chassis in the © Copyright 2011 Cisco Systems, Inc. 11 This document may be freely reproduced and distributed whole and intact including this Copyright Notice.