Cisco Cisco Email Security Appliance C160 Referencia técnica
F I P S C O N F I G
C H A P T E R 3 : T H E C O M M A N D S : R E F E R E N C E E X A M P L E S
79
Choose the operation you want to perform:
- INIT - Initialize the hardware security module.
- GETINFO - Display the hardware security module status.
- CERTCONFIG - Configure certificates and keys.
- DOMAINKEYSCONFIG - Configure keys for DomainKeys and DKIM.
- CLONETARGET - Clone the hardware security module as the target.
- CLONESOURCE - Clone the hardware security module as the source.
- BACKUP - Backup critical security parameters.
- RESTORE - Restore critical security parameters.
- PASSWD - Change FIPS password.
[]> getinfo
Firmware Version: 4.7.1
Serial Number: 8100752
Hardware ID: K5
Label: Cisco_IronPort_Label
Total SRAM Memory: 16984932
Free SRAM Memory: 16983492
Total Flash Memory: 14286412
Free Flash Memory: 14281236
FIPS capabilities and policy values:
Capability Policy
Enable PIN Authentication 1 1
Enable PED Authentication 1 0
Performance Level 4 -
M of N Code 0 0
Enable Configuration Masking 1 1
Allow Configuration Cloning 1 1
Allow Non-FIPS Algorithms 1 0
Allow Network Replication 0 0
Allow Offboard Storage 1 1
Private Key Wrapping 0 0
Secret Key Wrapping 1 1
Allow Changing Key Attributes 1 1
Authentication Without Challenge 1 1
Allow Non-Local Signing Key 1 1
Maximum Failed Login Attempts 10 10
Allow Auto-Activation 1 0
Choose the operation you want to perform:
- INIT - Initialize the hardware security module.
- GETINFO - Display the hardware security module status.
Code Example 3-42 fipsconfig