Cisco Cisco Email Security Appliance C190 User Guide

Cisco AsyncOS 9.1 for Email 사용 설명서

27 장     FIPS 관리

  FIPS 모드에서 민감한 데이터 암호화

절차

mail.example.com> fipsconfig

FIPS mode is currently disabled.

Choose the operation you want to perform:

- SETUP - Configure FIPS mode.

- FIPSCHECK - Check for FIPS mode compliance.

[]> setup

To finalize FIPS mode, the appliance will reboot immediately. No commit will be required.

Are you sure you want to enable FIPS mode and reboot now ? [N]> y

Do you want to enable encryption of sensitive data in configuration file when FIPS mode is 

enabled? Changing the value will result in system reboot [N]> n

Enter the number of seconds to wait before forcibly closing connections.

[30]>

System rebooting.  Please wait while the queue is being closed...

Closing CLI connection.

Rebooting the system...

FIPS 모드에서 민감한 데이터 암호화

어플라이언스에서 

fipsconfig

 명령을 사용하여 비밀번호 및 키 등의 민감한 데이터를 암호화합니

다. 이 옵션을 사용하는 경우, 

어플라이언스에서 다음의 주요 보안 매개변수가 암호화되고 저장됩니다.

인증서 개인 키

RADIUS 비밀번호

LDAP 바인딩 비밀번호

로컬 사용자 비밀번호 해시

SNMP 비밀번호

DK/DKIM 서명 키

발송 SMTP 인증 비밀번호

PostX 암호화 키

PostX 암호화 프록시 비밀번호

FTP 푸쉬 로그 구독 비밀번호

IPMI LAN 비밀번호

업데이터 서버 URL

참고

관리자를 비롯한 모든 사용자는 구성 파일에 있는 민감한 정보를 볼 수 없습니다.

어플라이언스의 스왑 공간은 어플라이언스의 물리적 보안이 손상되는 경우 무단 액세스 또는 
포렌식 공격을 방지하기 위해 암호화되어 있습니다.