User guide

ManualsBrandsRaritan ManualsComputer equipmentDominion KX II

201

202

203

204

205

206

207

208

209

210

Chapter 9: Security Management

200

Note: When using the P2CIM-AUSBDUAL or P2CIM-APS2DUAL to

attach a target to two Dominion KX IIs, if Private access to the targets is

required, both KVM switches must have Private set as their PC Share

Mode.

See Supported Paragon CIMS and Configurations (on page 267) for

additional information on using Paragon CIMs with the Dominion KX II.

Checking Your Browser for AES Encryption

The Dominion KX II supports AES-256. If you do not know if your

browser uses AES, check with the browser manufacturer or navigate to

the https://www.fortify.net/sslcheck.html website using the browser with

the encryption method you want to check. This website detects your

browser's encryption method and displays a report.

Note: IE6 does not support AES 128 or 256-bit encryption.

AES 256 Prerequisites and Supported Configurations

AES 256-bit encryption is supported on the following web browsers only:

 Firefox

2.0.0.x and 3

 Mozilla

1.7.13

 Internet Explorer

7 and 8

In addition to browser support, AES 256-bit encryption requires the

installation of Java

™

Cryptography Extension (JCE) Unlimited Strength

Jurisdiction Policy Files.

Jurisdiction files for various JREs

™

are available at the “other downloads”

section of the following link:

 JRE1.6 - http://java.sun.com/javase/downloads/index_jdk5.jsp

Enabling FIPS 140-2

For government and other high security environments, enabling FIPS

140-2 mode may be desirable. The Dominion KX II uses an embedded

FIPS 140-2-validated cryptographic module running on a Linux

platform

per FIPS 140-2 Implementation Guidance section G.5 guidelines. Once

this mode is enabled, the private key used to generate the SSL

certificates must be internally generated; it cannot be downloaded or

exported.

To enable FIPS 140-2:

1. Access the Encryption & Share page (see Encryption & Share (on

page 197)).