Carrier Access 1750 Manual De Usuario

This release of the Broadmore includes the Broadmore/SSHield Management Module, 
which is a FIPS 140-2 validated software-only module that meets the security 
requirements of Federal Information Processing Standard PUB 140-2. The Broadmore/
SSHield Management Module enables the secure operation and control of the 
Broadmore’s ATM configuration parameters via a command line interface (CLI) or 
menu based interface (CAMMI). TeamF1’s SSHield provides security by means of the 
SSH (IETF SECSH) protocol to ensure that network connections are secure. 

A detailed description of the Broadmore security features are provided in the 
“Broadmore/SSHield Management Module Version 4.0 Security Policy” available at 
the following web sites:

 under the Broadmore documents

under the Validation Lists

When the FIPS Security option is enabled on the Broadmore, the following security 
features are available:

RSA SecurID

® 

authentication (optional, see “SecurID Features” on page

)

Private management data paths using SSHield for CLI/CAMMI sessions and 
Secure File Transfer Protocol (SFTP)

Configuration activity audit trails

Zeroize command for decommissioning one or both CPUs

Enabling FIPS mode security disables FTP and Telnet access. Users must log in using 
secure client replacements such as SecureCRT

®

 and SecureFX

®

. A secure terminal 

emulator is required to enter a secure Broadmore system. Although many secure 
terminal emulators are available, SecureCRT is recommended. 

Be sure to use the appropriate fonts and screen settings to 

maintain the proper screen appearance.