24
Catalyst 6509 Switch, Cisco 7606 Router, and Cisco 7609 Router with VPN Services Module Certification Note
OL-6334-01
Cryptographic Key Management
The module supports the following:
• DES (only for legacy systems)
• 3DES
• SHA-1
• MD-5
• MD-4
• SHA-1
• HMAC
• DES MAC
• Triple-DES MAC
• MD5 HMAC
• Diffie-Hellman
• RSA [for digital signatures and encryption/decryption (for IKE authentication)]
Table 4 Role and Service Access to Critical Security Parameters (CSPs)
SRDI/Role/
Service Access Policy
Security
Relevant
Data Item Critical Security Parameters
Role/Service —
User Role —
Status Functions —
Network Functions
• CSP 1–20 (R)
• CSP 22–27 (R)
Terminal Functions —
Directory Functions —
Crypto-Officer Role —
Configure the Router
• CSP 13 (R/W/D)
• CSP 19 (R/W/D)
• CSP 21 (R/W/D)
• CSP 25 (R/W/D)
Define Rules and Filters —
Status Functions —
Manage the Router CSP 1 (R)
CSP 20–22 (R/W/D)
CSP 24 (D)
CSP 27–31 (R/W/D)
Set Encryption/Bypass —
Change Port Adapters —
To Next Page
Loading...
