hit counter script

Cisco CSS11501 - 100Mbps Ethernet Load Balancing Device Configuration Manual page 152

11000 series secure content accelerator
Hide thumbs Also See for CSS11501 - 100Mbps Ethernet Load Balancing Device:
Table of Contents

Advertisement

Using FIPS Mode
You can create a security policy containing only the FIPS-approved algorithm you
want to use. The following example demonstrates creating a security policy
containing on the 3DES/SHA algorithm and editing a secure server to use the new
user-defined security policy rather than the FIPS security policy.
1.
2.
3.
4.
Cisco 11000 Series Secure Content Accelerator Configuration Guide
6-6
Connect to the Secure Content Accelerator using a serial management
session, and enter Privileged, Configuration, and SSL Modes. Create a
security policy named myFIPS.
[FIPS] SCA> enable
[FIPS] SCA# config
[FIPS] config[SCA]# ssl
[FIPS] ssl-config[SCA]# secpolicy myFIPS create
[FIPS] ssl-secpolicy[myFIPS]#>
Specify the 3DES/SHA cryptographic algorithm, and return to SSL
Configuration Mode.
[FIPS] ssl-secpolicy[myFIPS]#> crypto DES-CBC3-SHA
[FIPS] ssl-secpolicy[myFIPS]#> exit
[FIPS] ssl-config[SCA]#>
Enter Server Configuration Mode to edit the configuration of the server
mySecServ to use the myFIPS security policy rather than the previously
specified FIPS security policy.
[FIPS] ssl-config[SCA]#> server mySecServ
[FIPS] ssl-server[mySecServ]#> secpolicy myFIPS
[FIPS] ssl-server[mySecServ]#>
Exit to Top Level Mode.
[FIPS] ssl-server[mySecServ]# finished
[FIPS] SCA#
Chapter 6
FIPS Operation
78-13124-05

Advertisement

Table of Contents
loading

Table of Contents