Cisco Cisco Email Security Appliance X1050 Guía Del Usuario
C H A P T E R
27-1
Cisco AsyncOS 9.0 for Email User Guide
27
FIPS Management
•
•
•
•
•
•
•
FIPS Management Overview
The Federal Information Processing Standard (FIPS) 140 is a publicly announced standard developed
jointly by the United States and Canadian federal governments specifying requirements for
cryptographic modules that are used by government agencies to protect sensitive but unclassified
information. The Cisco IronPort Email Security appliance uses the Cisco SSL Cryptographic Toolkit to
achieve FIPS 140-2 Level 1 compliance.
jointly by the United States and Canadian federal governments specifying requirements for
cryptographic modules that are used by government agencies to protect sensitive but unclassified
information. The Cisco IronPort Email Security appliance uses the Cisco SSL Cryptographic Toolkit to
achieve FIPS 140-2 Level 1 compliance.
The Cisco SSL Cryptographic Toolkit is a a GGSG-approved cryptography suite that includes Cisco
SSL, which is an enhanced version of OpenSSL’s FIPS support, and the FIPS-compliant Cisco Common
Cryptography Module. The Cisco Common Cryptography Module is a software library that Email
Security appliance uses for FIPS-validated cryptographic algorithms for protocols such SSH.
SSL, which is an enhanced version of OpenSSL’s FIPS support, and the FIPS-compliant Cisco Common
Cryptography Module. The Cisco Common Cryptography Module is a software library that Email
Security appliance uses for FIPS-validated cryptographic algorithms for protocols such SSH.
Configuration Changes in FIPS Mode
The Email Security appliance uses Cisco SSL and FIPS-compliant certificates for communication when
the appliance is in FIPS mode. See
the appliance is in FIPS mode. See
for more
information.
Note
As part of FIPS compliance, AsyncOS for Email does not support SSH version 1.