User guide
FIPS 140-2 Chapter 1: Product description
1-72
phn-2513_004v000 (Oct 2012)
Indication of FIPS 140-2 mode
The PTP 800 is operating in FIPS 140-2 mode when the FIPS 140-2 capability logo is
displayed in the navigation bar and the FIPS Operational Mode Alarm is absent from the
Home page.
Exiting from the FIPS 140-2 operational mode
A PTP 800 in FIPS 140-2 operational mode can be prepared to accept new security
configuration by zeroizing critical security parameters (CSPs). The unit remains
FIPS 140-2 capable.
Reverting to standard operation
A FIPS 140-2 capable CMU can be used in standard (non-FIPS) mode by loading a
standard (non-FIPS) software image and rebooting.
The critical security parameters (CSPs) are zeroized when the unit is no longer FIPS 140-2
Capable.
Further reading on FIPS 140-2
For more information on FIPS 140-2, refer to the following:
• Planning for FIPS 140-2 operation on page 2-24 describes how to prepare for FIPS 140-
2 operation by obtaining the required cryptographic material and by configuring the
PTP 800 system.
• Configuring for FIPS 140-2 applications on page 6-121 is a summary of all the
configuration tasks that are necessary if the unit is to operate in FIPS 140-2 secure
mode.
• Task 3: Installing license keys on page 6-21 describes how to ensure that FIPS 140-2
operation is enabled by license key.
• Task 4: Upgrading software version on page 6-25 describes how to ensure that the
installed software version is FIPS 140-2 validated.
• Task 5: Configuring security on page 6-28 describes how to to configure the PTP 800 in
accordance with the network operator’s security policy.
• Exiting FIPS 140-2 mode on page 7-51 describes how to disable FIPS 140-2 operation.