Cisco 7206 VXR NPE-G2 with VSA FIPS 140-2 Non-Proprietary Security Policy

Cisco 7206 VXR NPE-G2 with VSA FIPS 140-2 Non-Proprietary Security Policy Level 2 Valiation Version 1.1 July 2011 Table of Contents Introuction 2 References 2 Document Organization 2 Moule Descriptions 3 Cisco 7206VXR NPE-G2 3 Cisco VPN Services Aapter (VSA) 3 Moule Valiation Level 3 Cryptographic Moule 4 Moule Interfaces 4 Roles, Services & Authentication 5 User Services 6 Cryptographic Key Management 7 Self-Tests 11 Secure Operation 12 System Initialization an Configuration 13 IPSec Requirements & Cryptographic Algorithms 14 Protocols 14 Remote Access 14 Americas Heaquarters: Cisco Systems, Inc., 170 West Tasman Drive, San Jose, CA 95134 1706 USA 20010 Cisco Systems, Inc. All rights reserve. This ocument may be freely reprouce an istribute whole an intact incluing this copyright notice

Tamper Evience 15 7206VXR NPE-G2 with VSA 15 Acronym 17 Obtaining Documentation, Support & Security Guielines 18 Introuction References This is a non-proprietary Cryptographic Moule Security Policy for the 7206VXR NPE-G2 with VSA from Cisco Systems, Inc., referre to in this ocument as the moules, routers, or by the specific moel name. This security policy escribes how moules meet the security requirements of FIPS 140-2 an how to run the moules in a FIPS 140-2 moe of operation. This policy was prepare as part of the FIPS 140-2 Level 2 valiation of the following moule: 7206VXR NPE-G2 with VSA FIPS 140-2 (Feeral Information Processing Stanars Publication 140-2: Security Requirements for Cryptographic Moules) etails the U.S. Government requirements for cryptographic moules. More information about the FIPS 140-2 stanar an valiation program is available on the NIST website at http://csrc.nist.gov/groups/stm/inex.html. This ocument eals only with operations an capabilities of the moule in the technical terms of a FIPS 140-2 cryptographic moule security policy. More information is available on the moule from the following sources: The Cisco Systems website http://www.cisco.com contains information on the full line of proucts from Cisco Systems. The NIST Cryptographic Moule Valiation Program website http://csrc.nist.gov/groups/stm/inex.html contains contact information for answers to technical or sales-relate questions for the moule. Document Organization The Security Policy ocument is one ocument in a FIPS 140-2 Submission Package. In aition to this ocument, the Submission Package contains: Venor Evience ocument Finite State Machine Other supporting ocumentation as aitional references With the exception of this Non-Proprietary Security Policy, the FIPS 140-2 Valiation Documentation is proprietary to Cisco Systems, Inc. an is releasable only uner appropriate non-isclosure agreements. For access to these ocuments, please contact Cisco Systems, Inc. 2 2 Cisco 7206 VXR NPE-G2 with VSA FIPS 140-2 Non-Proprietary Security Policy

Moule Descriptions Cisco 7206VXR NPE-G2 Cisco 7206 VXR routers are esigne to support gigabit capabilities an to improve ata, voice, an vieo integration in both service provier an enterprise environments. Cisco 7206 VXR routers support a high-spee network processing engines like NPE-G2 an all other available network processing engines. Cisco 7206 VXR routers accommoate a variety of network interface port aapters an an Input/Output (I/O) controller. A Cisco 7206 VXR router equippe with NPE-G2 can support up to six high-spee port aapters an can also support higher-spee port aapter interfaces incluing Gigabit Ethernet an OC-12 ATM (Optical Carrier-12 Asynchronous Transfer Moe). In aition, a Cisco 7206VXR router with an NPE-G2 provies integrate I/O functionality. Cisco 7206 VXR routers also contain bays for up to two AC-input or DC-input power supplies. Cisco 7206 VXR routers support the following features: Online insertion an removal (OIR): A, replace or remove port aapters without interrupting the system. Dual hot-swappable, loa-sharing power supplies: Provie system power reunancy; if one power supply or power source fails, the other power supply maintains system power without interruption. Also, when one power supply is powere off an remove from the router, the secon power supply immeiately takes over the router power requirements without interrupting normal operation of the router. Environmental monitoring an reporting functions: Maintain normal system operation by resolving averse environmental conitions prior to loss of operation. Downloaable software: Loa new images into Flash memory remotely, without having to physically access the router. This capability is not permitte in FIPS moe of operations, however. Cisco VPN Services Aapter (VSA) The Cisco 7206VXR NPE-G2 routers incorporate the VPN Services Aapter (VSA) cryptographic accelerator car that fits into the I/O controller slot of the 7206VXR. The VSA features haare acceleration for various cryptographic algorithms, proviing increase performance for site-to-site an remote-access IPSec VPN services. The Cisco VSA supports full Layer 3 routing, quality of service (QoS), multicast an multiprotocol traffic, an broa support of integrate LAN/WAN meia. The VSA off-loas IPSec processing from the main processor, thus freeing resources on the processor engines for other tasks. The evaluate platform consists of the following: 7206VXR Haare Version 2.9 NPE-G2 Haare Version 1.0 VSA Haare Version 1.0 Moule Valiation Level The following table lists the level of valiation for each area in the FIPS PUB 140-2. 3

No. Area Title Level 1 Cryptographic Moule Specification 2 2 Cryptographic Moule Ports an Interfaces 2 3 Roles, Services, an Authentication 2 4 Finite State Moel 2 5 Physical Security 2 6 Operational Environment N/A 7 Cryptographic Key management 2 8 Electromagnetic Interface/Electromagnetic Compatibility 2 9 Self-Tests 2 10 Design Assurance 2 11 Mitigation of Other Attacks N/A Cryptographic Moule The cryptographic bounary for the 7206VXR NPE-G2 with VSA is efine as encompassing the "top," "front," "left," "right," an "bottom" surfaces of the case; all portions of the "backplane" of the case which are not esigne to accommoate a removable port aapter; the inverse of the three-imensional space within the case that woul be occupie by an installe port aapter an the VSA installe into the I/O controller slot. The cryptographic bounary inclues VSA installe into the I/O controller slot an the connection apparatus between the port aapter an the motherboar/aughterboar that hosts the port aapter, but the bounary oes not inclue the port aapter itself. In other wors, the cryptographic bounary encompasses all haare components within the case of the evice except any installe moular port aapter. All of the functionality iscusse in this ocument is provie by components within this cryptographic bounary. Each moule is a multi-chip stanalone moule. Moule Interfaces Each moule provies a number of physical an logical interfaces to the evice, an the physical interfaces provie by the moule are mappe to four FIPS 140-2 efine logical interfaces: ata input, ata output, control input, an status output. The logical interfaces an their mapping are escribe in the following tables: Table 2 FIPS 140-2 Logical Interfaces: 7206VXR NPE-G2 with VSA Router Physical Interface FIPS 140-2 Logical 10/100/1000 RJ-45 Port SFP Gigabit Ethernet Port Port Aapter/Mi plane Interface Console Port Auxiliary Port Data Input Interface 4 4 Cisco 7206 VXR NPE-G2 with VSA FIPS 140-2 Non-Proprietary Security Policy

10/100/1000 BASE-TX LAN Port Gigabit Ethernet Port Port Aapter Interface Console Port Auxiliary Port 10/100 Management Port 10/100/1000 BASE-TX LAN Port Gigabit Ethernet Port Port Aapter Interface Power Switch Reset Switch Console Port Auxiliary Port 10/100 Management Port Data Output Interface Control Input Interface 10/100/1000 BASE-TX LAN Port Port Aapter Interface Gigabit Ethernet Port LEDs Console Port Auxiliary Port 10/100 Management Port Power Plug Status Output Interface Power Interface Roles, Services & Authentication Authentication is role-base. There are two main roles in the router that operators may assume: the Crypto Officer role an the User role. The aministrator of the router assumes the Crypto Officer role in orer to configure an maintain the router using Crypto Officer services, while the Users exercise only the basic User services. The moule supports RADIUS an TACACS+ for authentication. A complete escription of all the management an configuration capabilities of the moules can be foun in the Performing Basic System Management manual an in the online help for the moules. The User an Crypto Officer passwors an the RADIUS/TACACS+ share secrets must each be at least 8 characters long, incluing at least one letter an at least one number character, in length. See the Secure Operation section for more information. If 6 integers, one special character an one alphabet are use without repetition for an 8 igit PIN, the probability of ranomly guessing the correct sequence is 1 in 832,000,000. In orer to successfully guess the sequence in one minute woul require the ability to make over 13,000,000 guesses per secon, which far excees the operational capabilities of the moule. Incluing the rest of the alphanumeric characters rastically ecreases the os of guessing the correct sequence. The 7206 can also use certificate creentials using 1024 bit RSA keys an SHA-1 in such a case the security strength is 80 bits, so an attacker woul have a 1 in 2 80 chance of a successful authentication which is much stronger than the one in a million chance require by FIPS 140-2. To excee a one in 100,000 probability of a successful ranom key guess in one minute, an attacker woul have to be capable of approximately 1.8 x 10 21 attempts per minute, which vastly excees the operational capabilities of the moule to support. 5

User Services A User enters the system by accessing the console/auxiliary port with a terminal program or via IPSec protecte Telnet or SSH v2 session to a LAN port. The IOS prompts the User for their passwor. If the passwor is correct, the User is allowe entry to the IOS executive program. The services available to the User role consist of the following: Status Functions: View state of interfaces an protocols, version of IOS currently running Network Functions: Connect to other network evices through outgoing telnet, PPP, etc. an initiate iagnostic network services (i.e., ping, mtrace) Terminal Functions: Ajust the terminal session (e.g., lock the terminal, ajust flow control) Directory Services: Display irectory of files kept in flash memory Get VPN service: Negotiation an encrypte ata transport via Get VPN Perform Self-Tests: Perform the FIPS 140 start-up tests on eman Crypto Officer Services A Crypto Officer enters the system by accessing the console/auxiliary port with a terminal program or via IPSec protecte telnet or SSH v2 session to a LAN port. The Crypto Officer authenticates as a User an then authenticates as the Crypto Officer role.. During initial configuration of the router, the Crypto Officer passwor (the enable passwor) is efine. A Crypto Officer may assign permission to access the Crypto Officer role to aitional accounts, thereby creating aitional Crypto Officers. The Crypto Officer role is responsible for the configuration an maintenance of the router. The Crypto Officer services consist of the following: Configure the Router Define network interfaces an settings, create comman aliases, set the protocols the router will support, enable interfaces an network services, set system ate an time, an loa authentication information. Define Rules an Filters Create packet Filters that are applie to User ata streams on each interface. Each Filter consists of a set of Rules, which efine a set of packets to permit or eny base characteristics such as protocol ID, aresses, ports, TCP connection establishment, or packet irection. Status Functions View the router configuration, routing tables, active sessions, use get commans to view SNMP MIB statistics, health, temperature, memory status, voltage, packet statistics, review accounting logs, an view physical interface status. Manage the Router Log off users, shutown or reloa the router, manually back up router configurations, view complete configurations, manager user rights, an restore router configurations. Set Encryption/Bypass Set up the configuration tables for IP tunneling. Set keys an algorithms to be use for each IP range or allow plaintext packets to be set from specifie IP aress. Change Port Aapters Insert an remove aapters in a port aapter slot. Change VSA Insert an remove VSA in an I/O Controller slot. (This service available only for 7206VXR NPE-G2 with VSA) 6 6 Cisco 7206 VXR NPE-G2 with VSA FIPS 140-2 Non-Proprietary Security Policy

Perform Self-Tests: Perform the FIPS 140 start-up tests on eman Unauthenticate Services Observe L.E.D. status Perform Power up Self-Test Perform Bypass Function Cryptographic Key Management The router securely aministers both cryptographic keys an other critical security parameters such as passwors. The tamper evience seals provie physical protection for all keys. All keys are also protecte by the passwor-protection on the Crypto Officer role login, an can be zeroize by the Crypto Officer. All zeroization consists of overiting the memory that store the key. Keys are exchange an entere electronically or via Internet Key Exchange (IKE). The moule supports the following critical security parameters (CSPs): Table 4 CSP Name Critical Security Parameters Description CSP 1 This is the see key for X9.31 RNG. This key is store in an upate perioically after the generation of 400 bytes; hence, it is zeroize perioically. Also, the operator can turn off the router to zeroize this key. CSP 2 The public an private exponents use in Diffie-Hellman (DH) exchange. Zeroize after DH share secret has been generate. CSP 3 The share secret within IKE exchange. Zeroize when IKE session is terminate. CSP 4 Same as above CSP 5 Same as above CSP 6 Same as above CSP 7 The IKE session encrypt key. The zeroization is the same as above. CSP 8 The IKE session authentication key. The zeroization is the same as above. Storage CSP 9 The key use to generate IKE skeyi uring preshare-key NVRAM authentication. The no crypto isakmp key comman zeroizes it. This key can have two forms base on whether the key is relate to the hostname or the IP aress. CSP 10 This key generates keys 3, 4, 5 an 6. This key is zeroize after generating those keys. 7

CSP 11 The fixe key use in Cisco venor ID generation. This key is embee in the moule binary image an can be elete by erasing the Flash. CSP 12 The IPSec encryption key. Zeroize when IPSec session is terminate. CSP 13 The IPSec authentication key. The zeroization is the same as above. NVRAM CSP 14 This key is use by the router to authenticate itself to the peer. The router itself gets the passwor (that is use as this key) from the AAA server an sens it onto the peer. The passwor retrieve from the AAA server is zeroize upon completion of the authentication attempt. CSP 15 The authentication key use in PPP. This key is in the an not zeroize at runtime. One can turn off the router to zeroize this key because it is store in. CSP 16 This key is use by the router to authenticate itself to the peer. The key is retrieve from the local atabase (on the router itself). Issuing the no username passwor comman zeroizes the passwor (that is use as this key) from the local atabase. CSP 17 The passwor of the User role. This passwor is zeroize by overiting it with a new passwor. CSP 18 The plaintext passwor of the CO role. This passwor is zeroize by overiting it with a new passwor. NVRAM NVRAM NVRAM CSP 19 The ciphertext passwor of the CO role. However, the algorithm NVRAM use to encrypt this passwor is not FIPS approve. Therefore, this passwor is consiere plaintext for FIPS purposes. This passwor is zeroize by overiting it with a new passwor. CSP 20 The RADIUS share secret. This share secret is zeroize by executing the no form of the RADIUS share secret set comman. CSP 21 The TACACS+ share secret. This share secret is zeroize by executing the no form of the RADIUS share secret set comman. CSP 22 The SSH session key. It is zeroize automatically when the SSH session is terminate. CSP 231 The keys an CSPS above from no.1 to 21 are locate in the router outsie VSA CSP 24 NVRAM, NVRAM, GDOI TEK algorithm key - This key is create using the GROUPKEY-PULL registration protocol an upate using the GROUPKEY-PUSH registration protocol with GDOI. It is use to encrypt ata traffic between Get VPN peers 8 8 Cisco 7206 VXR NPE-G2 with VSA FIPS 140-2 Non-Proprietary Security Policy

CSP 25 GDOI KEK algorithm key - This key is create using the GROUPKEY-PULL registration protocol with GDOI. It is use protect GDOI rekeying ata. CSP 26 GDOI TEK integrity key CSP 27 Diffie Hellman private exponent - The private exponent use in Diffie-Hellman (DH) exchange as part of IKE. Zeroize after DH share secret has been generate. CSP 28 RSA private exponent - The private exponent use in RSA exchange as part of IKE an SSH. Zeroize after RSA share secret has been generate. 1. This key not present in 7206VXR NPE-G2 with VSA. The services accessing the CSPs, the type of access an which role accesses the CSPs are liste in Table 5. The moule supports IOS implementations of Triple-DES, DES-MAC, Triple- DES-MAC, AES, SHA-1, HMAC SHA-1, MD5, HMAC MD5, Diffie-Hellman, RNG an RSA cryptographic algorithms. Except for SHA-1 an RNG none of the other software algorithm implementations are use when operating in FIPS moe. IOS implementation of Diffie-Hellman is use in all moule configurations except 7206VXR NPE-G2 with VSA which uses haare implementation of DH. NOTE: Pursuant to the DES Transition Plan an the approval of the Withrawal of Feeral Information Processing Stanar (FIPS) 46-3, Data Encryption Stanar (DES); FIPS 74, Guielines for Implementing an Using the NBS Data Encryption Stanar; an FIPS 81, DES Moes of Operation, the DES algorithm shall not be use in FIPS approve moe of operation. 9

Table 5 Role an Service Access to CSPs SRDI/Role/Service Access Policy Role/Service Security Relevant Data Item CSP 1 CSP 2 CSP 3 CSP 4 CSP 5 CSP 6 CSP 7 CSP 8 CSP 8 CSP 10 CSP 11 CSP 12 CSP 13 CSP 14 CSP 15 CSP 16 CSP 17 CSP 18 CSP 19 CSP 20 CSP 21 CSP 22 CSP 23 CSP 24 CSP 25 CSP 26 CSP 27 CSP 28 User role Status Functions Network Functions r r r r r r r r r r r r r r r r r Terminal Functions Directory Services Get VPN Crypto-Officer Role Configure the Router Define Rules an Filters Status Functions Manage the Router Set Encryption/Bypass r w Change Port Aapters Change VSA 10 10 Cisco 7206 VXR NPE-G2 with VSA FIPS 140-2 Non-Proprietary Security Policy

Each cryptographic implementation has achieve the following valiations: Table 6 Algorithm Certificates Algorithm IOS (NPE-G2) VSA AES Not supporte in FIPS moe 91 Triple-DES Not supporte in 204 FIPS moe SHA-1 1303 500 HMAC SHA-1 Not supporte in 203 FIPS moe RNG 786 - RSA Not supporte in FIPS moe 707 Self-Tests The moule supports the following key management schemes: Pre-share key exchange via electronic key entry. Triple-DES/AES key an HMAC-SHA-1 key are exchange an entere electronically. Internet Key Exchange metho with support for pre-share keys exchange an entere electronically. o The pre-share keys are use with Diffie-Hellman key agreement technique to erive DES, Triple-DES or AES keys. o The pre-share key is also use to erive HMAC-SHA-1 key. The Diffie-Hellman key establishment methoology provies 80 or 96 bits of encryption strength. GDOI Key wrapping, key establishment methoology provies between 128 bits an 256 bits of encryption strength per NIST 800-57. All pre-share keys are associate with the CO role that create the keys, an the CO role is protecte by a passwor. Therefore, the CO passwor is associate with all the pre-share keys. The Crypto Officer nees to be authenticate to store keys. All Diffie-Hellman (DH) keys agree upon for iniviual tunnels are irectly associate with that specific tunnel only via the IKE protocol. All of the keys an CSPs of the moule can be zeroize. Please refer to Figure 4 for information on methos to zeroize each key an CSP. The moules inclue an array of self-tests that are run uring startup an perioically uring operations to prevent any secure ata from being release an to insure all components are functioning correctly. The moules implement the following power-on self-tests: 11

Table 7 Moule Power On Self Tests Implementation IOS VSA Tests Performe Software/firmware test Bypass test SHA-1 KAT RNG KAT Firmware integrity test Triple-DES KAT AES KAT SHA-1 KAT HMAC-SHA-1 KAT RSA KAT DH Test 1. IOS implementation of DH is not use in 7206VXR NPE-G2 with VSA. The moules perform all power-on self-tests automatically at boot. All power-on self-tests must be passe before any operator can perform cryptographic services. The power-on selftests are performe after the cryptographic systems are initialize but prior to the initialization of the LANs; this prevents the moule from passing any ata uring a power-on self-test failure. In aition, the moule also provies the following conitional self-tests: Table 8 Moule Conitional Self Tests Implementation Tests Performe IOS Continuous Ranom Number Generator test for the FIPS-approve RNG Continuous Ranom Number Generator test for the non-approve RNGs Conitional Bypass test RSA PWCT VSA Continuous Ranom Number Generator test for the non-approve RNG Secure Operation These routers meet all the applicable Level 2 requirements for FIPS 140-2. Follow the setting instructions provie below to place the moule in FIPS moe. Operating this router without maintaining the following settings will remove the moule from the FIPS approve moe of operation. All configuration activities must be performe via the comman line interface via the console (for initial configuration) or IPSec protecte SSH v2 or telnet sessions neither the web configuration tools CSRW or SDM may be use. 12 12 Cisco 7206 VXR NPE-G2 with VSA FIPS 140-2 Non-Proprietary Security Policy

System Initialization an Configuration Step 1 The Crypto Officer must perform the initial configuration. The following avance enterprise buils are the only allowable images; no other image may be loae. 7206VXR NPE-G2 with VSA: c7200-aventerprisek9-mz.124-15.t10 (IOS version 12.4(15)T10) an c7200-aventerprisek9-mz.124-15.t14 (IOS version 12.4(15)T14) Step 2 The value of the boot fiel must be 0x0102. This setting isables break from the console to the ROM monitor an automatically boots the IOS image. From the configure terminal comman line, the Crypto Officer enters the following syntax: config-register 0x0102 Step 3 The Crypto Officer must enter the following comman to prevent failover to software implementation: no crypto engine software ipsec Step 4 The Crypto Officer must create the enable passwor for the Crypto Officer role. The passwor must be at least 8 characters, incluing at least one letter an at least one number, an is entere when the Crypto Officer first engages the enable comman. The Crypto Officer enters the following syntax at the # prompt: enable secret [PASSWORD] Step 5 The Crypto Officer must always assign passwors (of at least 8 characters, incluing at least one letter an at least one number) to users. Ientification an authentication on the console/auxiliary port is require for Users. From the configure terminal comman line, the Crypto Officer enters the following syntax: line con 0 passwor [PASSWORD] login local Step 6 Step 7 The Crypto Officer shall not assign users to privilege level other than Level 1 (the efault). The Crypto Officer may configure the moule to use RADIUS or TACACS+ for authentication. Configuring the moule to use RADIUS or TACACS+ for authentication is optional. If the moule is configure to use RADIUS or TACACS+, the Crypto-Officer must efine RADIUS or TACACS+ share secret keys that are at least 8 characters long, incluing at least one letter an at least one number. Step 8 Step 9 The Crypto Officer must apply tamper evience labels as escribe later in this ocument. The moule must be configure to only use haare acceleration. As such if there is a failure in the VSA car, the moule is consiere to be out of FIPS-Approve Moe of operation. A failure in the integrity check for VSA will be inicate via the following console message: 13

VSA boot error: POST FAILURE The status of the VSA can also be verifie with the show crypto engine accelerator statistic an show crypto eli commans. NOTE: The keys an CSPs generate in the cryptographic moule uring FIPS moe of operation cannot be use when the moule transitions to non-fips moe an vice versa. While the moule transitions from FIPS to non-fips moe or from non-fips to FIPS moe, all the keys an CSPs are to be zeroize by the Crypto Officer. IPSec Requirements & Cryptographic Algorithms Step 1 Step 2 Step 3 The only type of key management that is allowe in FIPS moe is Internet Key Exchange (IKE). Although the IOS implementation of IKE allows a number of algorithms, only the following algorithms are allowe in a FIPS 140-2 configuration: ah-sha-hmac esp-sha-hmac esp-3es esp-aes The following algorithms shall not be use: MD-5 for signing MD-5 HMAC DES Software implementations of AES, DES, Triple-DES, SHA-1, an HMAC Protocols Step 1 SNMP v3 over a secure IPSec tunnel may be employe for authenticate, secure SNMP gets an sets. Since SNMP v2c uses community strings for authentication, only gets are allowe uner SNMP v2c. Step 2 Secure DNS is not allowe in FIPS moe of operation an shall not be configure. Remote Access Step 1 Telnet access to the moule is only allowe via a secure IPSec tunnel between the remote system an the moule. The Crypto officer must configure the moule so that any remote 14 14 Cisco 7206 VXR NPE-G2 with VSA FIPS 140-2 Non-Proprietary Security Policy

connections via telnet are secure through IPSec, using FIPS-approve algorithms. Note that all users must still authenticate after remote access is grante. Step 2 SSH access to the moule is allowe in FIPS approve moe of operation, using SSH v2 an a FIPS approve algorithm. Tamper Evience All Critical Security Parameters are store an protecte within each appliance s tamper evient enclosure. The aministrator is responsible for properly placing all tamper evient labels. The security labels for FIPS 140-2 compliance are provie in the FIPS Kit: Prouct Number: CVPN7200FIPS/KIT= Prouct Description: Kit(Instructions,labels)to configure 7206 for FIPS operation These security labels are very fragile an cannot be remove without clear signs of amage to the labels. The Crypto Officer shoul inspect the tamper evient labels perioically to verify they are intact an the serial numbers on the applie tamper evient labels match the recors in the security log. Any port aapter slot not populate with a port aapter must be populate with an appropriate slot cover in orer to operate in a FIPS compliant moe. The slot covers are inclue with each router, an aitional covers may be orere from Cisco. The same proceure mentione below to apply tamper evience labels for port aapters must also be followe to apply tamper evience labels for the slot covers. The Tamper evient labels (12) shall be installe for the moule to operate in FIPS moe. 7206VXR NPE-G2 with VSA The front of the router provies 6 port aapter slots (An aitional port aapter slot is available when a port aapter jacket car is inserte into the I/O controller slot), an the rear of the router provies on-boar LAN connectors, PC Car slots, an Console/Auxiliary connectors. The power cable connection, a power switch, an the access to the Network Processing Engine are at the rear of the router. Once the router has been configure to meet FIPS 140-2 Level 2 requirements, the router cannot be accesse without signs of tampering. The Crypto Officer shall be instructe to recor serial numbers, an to inspect for these signs of tampering or change numbers perioically. To seal the system, apply serialize tamper-evience labels as epicte in Figure 1 an Figure 2 as follows: Step 1 Step 2 Clean the cover of any grease, irt, or oil before applying the tamper evience labels. Alcohol-base cleaning pas are recommene for this purpose. The ambient air must be above 10 C, otheise the labels may not properly cure. A tamper evience label shall be place so that the one half of the label covers the enclosure an the other half covers the NPE-G2. 15

PCMCIA ETHERNET-10BFL Step 3 Step 4 Step 5 Step 6 Step 7 Step 8 Step 9 Step 10 Step 11 Step 12 Step 13 Step 14 A tamper evience label shall be place over the Compact Flash car slot on the NPE- G2. A tamper evience label shall be place over the USB ports of the NPEG2. A tamper evience label shall be place so that one half of the label covers the enclosure an the other half covers the port aapter slot 1. A tamper evience label shall be place so that one half of the label covers the enclosure an the other half covers the port aapter slot 2. A tamper evience label shall be place so that one half of the label covers the enclosure an the other half covers the port aapter slot 3. A tamper evience label shall be place so that one half of the label covers the enclosure an the other half covers the port aapter slot 4. A tamper evience label shall be place so that one half of the label covers the enclosure an the other half covers the port aapter slot 5. A tamper evience label shall be place so that one half of the label covers the enclosure an the other half covers the port aapter slot 6. A tamper evience label shall be place such that one half of the label covers the enclosure an the other half covers the VSA. A tamper evience label shall be place so that one half of the label covers the enclosure an the other half covers the power supply plate. A tamper evience label shall be place so that one half of the label covers the enclosure an the other half covers the reunant power supply plate. Allow the labels to cure for five minutes. Figure 1 Cisco 7206VXR (Front) Tamper Evient Label Placement TOKEN RING ETHERNET 10BT Cisco 7200 Series VXR 119799 16 16 Cisco 7206 VXR NPE-G2 with VSA FIPS 140-2 Non-Proprietary Security Policy

Figure 2 Cisco 7206VXR (Back) Tamper Evient Label Placement 119798 Acronyms AAA AES CMVP CSP DES FIPS HTTP KAT LED NPE NIST NVLAP PPP RAM RSA SHA VAM Authentication, Authorization an Accounting Avance Encryption Stanar Cryptographic Moule Valiation Program Critical Security Parameter Data Encryption Stanar Feeral Information Processing Stanar Hyper Text Transfer Protocol Known Answer Test Light Emitting Dioe Network Processing Engine National Institute of Stanars an Technology National Voluntary Laboratory Accreitation Program Point to Point Protocol Ranom Access Memory Rivest, Shamir, & Aleman [metho for asymmetric encryption] Secure Hash Algorithm VPN Acceleration Moule 17

Obtaining Documentation, Support & Security Guielines For information on obtaining Cisco ocumentation, security guielines, recommene aliases, support an a means to provie ocumentation feeback, see the monthly What s New in Cisco Prouct Documentation, which also lists new an revise Cisco technical ocumentation. To fin an HTML or PDF version of many Cisco titles go to www.cisco.com. Type the title in the Search fiel an click Go. 18 18 Cisco 7206 VXR NPE-G2 with VSA FIPS 140-2 Non-Proprietary Security Policy

Cisco an the Cisco Logo are traemarks of Cisco Systems, Inc. an/or its affiliates in the U.S. an other countries. A listing of Cisco's traemarks can be foun at www.cisco.com/go/traemarks. Thir party traemarks mentione are the property of their respective owners. The use of the wor partner oes not imply a partnership relationship between Cisco an any other company. (1005R). 19