© Copyright 2011 Cisco Systems, Inc.
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
2
Table of Contents
1
INTRODUCTION
..................................................................................................................
3
1.1
P
URPOSE
.............................................................................................................................
3
1.2
M
ODULE
V
ALIDATION
L
EVEL
............................................................................................
3
1.3
R
EFERENCES
.......................................................................................................................
3
1.4
T
ERMINOLOGY
...................................................................................................................
4
1.5
D
OCUMENT
O
RGANIZATION
...............................................................................................
4
2
CISCO 7606-S AND 7609-S ROUTERS WITH SUPERVISOR SUP720-3B
..................
5
2.1
C
RYPTOGRAPHIC
M
ODULE
P
HYSICAL
C
HARACTERISTICS
..................................................
5
2.2
M
ODULE
I
NTERFACES
.........................................................................................................
6
2.3
R
OLES AND
S
ERVICES
.........................................................................................................
8
2.3.1
Authentication
................................................................................................
9
2.3.2
Services
.........................................................................................................
9
a. User Services
........................................................................................................
9
b. Crypto Officer Services
.......................................................................................
10
2.3.3
Unauthenticated Services
............................................................................
11
2.4
P
HYSICAL
S
ECURITY
........................................................................................................
11
2.4.1
Module Opacity
...........................................................................................
11
2.4.2
Tamper Evidence
........................................................................................
13
2.5
C
RYPTOGRAPHIC
A
LGORITHMS
........................................................................................
17
2.5.1
Approved Cryptographic Algorithms
............................................................
17
2.5.2
Non-FIPS Approved Algorithms Allowed in FIPS Mode
..............................
18
2.5.3
Non-Approved Cryptographic Algorithms
....................................................
18
2.6
C
RYPTOGRAPHIC
K
EY
M
ANAGEMENT
..............................................................................
18
2.7
S
ELF
-T
ESTS
......................................................................................................................
20
2.7.1
Self-tests performed by the IOS image
.......................................................
20
3
SECURE OPERATION
......................................................................................................
21
3.1
S
YSTEM
I
NITIALIZATION AND
C
ONFIGURATION
................................................................
21
3.2
P
ROTOCOLS
......................................................................................................................
22
3.3
R
EMOTE
A
CCESS
..............................................................................................................
22