hit counter script

Cisco Catalyst 4503-E Manual page 45

Catalyst 4500 series
Hide thumbs Also See for Catalyst 4503-E:
Table of Contents

Advertisement

Cisco Cat4K NDPP ST
EDCS-1228241
5.2.2.6 FCS_COP.1(4): Cryptographic operation (for keyed-hash message
authentication)
FCS_COP.1.1(4) The TSF shall perform [keyed-hash message authentication] in
5.2.2.7 FCS_RBG_EXT.1: Cryptographic operation (random bit generation)
FCS_RBG_EXT.1.1 The TSF shall perform all random bit generation (RBG)
FCS_RBG_EXT.1.2 The deterministic RBG shall be seeded with a minimum of
5.2.2.8 FCS_COMM_PROT_EXT.1: Communications protection
FCS_COMM_PROT_EXT.1.1 The TSF shall protect communications using
5.2.2.9 FCS_IPSEC_EXT.1: IPSEC
FCS_IPSEC_EXT.1.1 The TSF shall implement IPsec using the ESP protocol as
FCS_IPSEC_EXT.1.2 The TSF shall ensure that IKEv1 Phase 1 exchanges use
SHA 256, SHA-512] and message digest sizes [160, 256, 512]
bits that meet the following: FIPS Pub 180-3 "Secure Hash
Standard."
accordance with a specified cryptographic algorithm HMAC-
[SHA-1, SHA-256, SHA-512], key size [128, 192, 256 bits],
and message digest sizes [160, 256, 512] bits that meet the
following: FIPS Pub 198-1 "The Keyed-Hash Message
Authentication Code", and FIPS PUB 180-3, "Secure Hash
Standard."
services in accordance with [NIST Special Publication 800-
90 using CTR_DRBG (AES)] seeded by an entropy source
that accumulated entropy from at least one independent TSF-
hardware-based noise source.
[256 bits] of entropy at least equal to the greatest length of
the keys and authorization factors that it will generate.
[IPsec, SSH] and [no other protocol].
defined by RFC 4303 using the cryptographic algorithms
AES-CBC-128, AES-CBC-256 (both specified by RFC
3602), [no other algorithms] and using IKEv1 as defined
in RFCs 2407, 2408, 2409, and RFC 4109, [no other
methods] to establish the security association.
only main mode.
45
11 March 2014

Advertisement

Table of Contents
loading

Table of Contents