EasyManua.ls Logo

Cisco 2651 - Page 38

Cisco 2651
48 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
38
Cisco 1721, 1760, 2621XM, 2651XM, 2691, 3725, and 3745 Modular Access Routers and 7206-VXR NPE-400 Router FIPS 140-2 Non-Proprietary
OL-6083-01
The Cisco 1721, 1760, 2621XM, 2651XM, 2691, 3725, 3745, and 7206 VXR NPE-400 Routers
The services accessing the CSPs, the type of access and which role accesses the CSPs are listed in
Table 19.
25 CSP 25 This key is used by the router to authenticate itself to the peer. The
key is identical to #22 except that it is retrieved from the local
database (on the router itself). Issuing the “no username
password” zeroizes the password (that is used as this key) from
the local database.
NVRAM
(plaintext)
26 CSP 26 This is the SSH session key. It is zeroized when the SSH session
is terminated.
DRAM
(plaintext)
27 CSP 27 The password of the User role. This password is zeroized by
overwriting it with a new password.
NVRAM
(plaintext)
28 CSP 28 The plaintext password of the CO role. This password is zeroized
by overwriting it with a new password.
NVRAM
(plaintext)
29 CSP 29 The ciphertext password of the CO role. However, the algorithm
used to encrypt this password is not FIPS approved. Therefore,
this password is considered plaintext for FIPS purposes. This
password is zeroized by overwriting it with a new password.
NVRAM
(plaintext)
30 CSP 30 The RADIUS shared secret. This shared secret is zeroized by
executing the “no” form of the RADIUS shared secret set
command.
NVRAM
(plaintext),
DRAM
(plaintext)
31 CSP 31 The TACACS+ shared secret. This shared secret is zeroized by
executing the “no” form of the TACACS+ shared secret set
command.
NVRAM
(plaintext),
DRAM
(plaintext)
Table 18 Critical Security Parameters (Continued)
Table 19 Role and Service Access to CSPs
SRDI/Role/Service Access Policy
Role/Service
User Role
Status Functions
Network Functions
Terminal Functions
Directory Services
Crypto-Officer Role
Configure the Router
Define Rules and Filters
Status Functions
Manage the Router
Set Encryptions/Bypass
Change WAN Interface Cards
Security Relevant Data Item
CSP 1 r dr
w
d
CSP 2
r r
w
d

Table of Contents

Related product manuals