User guide
PTP 800 Series User Guide Configuring for FIPS 140-2 applications
phn-2513_004v000 (Oct 2012)
6-121
Configuring for FIPS 140-2 applications
Perform these procedure to allow the unit to operate in FIPS 140-2 secure mode. For more
information, refer to FIPS 140-2 on page 1-70 and Planning for FIPS 140-2 operation on
page 2-24.
Prerequisites for FIPS 140-2 configuration
To confirm that all prerequisites for FIPS 140-2 are ready, proceed as follows:
1
Ensure that the following cryptographic material has been generated using a
FIPS-approved cryptographic generator:
Key Of Keys
TLS Private Key and Public Certificates (for the correct IP address)
Entropy Input
Wireless Link Encryption Key for AES
2
Ensure that the CMU tamper evident labels have not be interfered with (Figure
36).
3
Identify the Port number for HTTPS.
4
Ensure that the web browsers used are enabled for HTTPS/TLS operation using
FIPS-approved cipher specifications.
5
Select menu option Management, Web, Local User Accounts and check that
the current user's role is Security Officer.
6
Perform Task 3: Installing license keys on page 6-21 and ensure that the installed
license key meets all requirements including FIPS 140-2 compatibility:
Check that Security Level is ‘FIPS’.
Check that Encryption Algorithm is ‘AES….’.
If necessary, generate and enter a new license key with the above settings.
7
Perform Task 4: Upgrading software version on page 6-25 and ensure that the
installed software version is prefixed
FIPS-. If necessary, upgrade to the latest
FIPS validated image.