NETSCOUT Systems Inc. A5020 用户手册
If your Command Line Interface is open, the following commands will be displayed on the
screen:
screen:
Start FIPS Self Test for Encrypted Algorithm...
Passed.
AmWebserver Module Integrity Checking...
Passed.
AmConfig Module Integrity Checking...
Passed.
AmMonitor Module Integrity Checking...
Passed.
Passed.
AmWebserver Module Integrity Checking...
Passed.
AmConfig Module Integrity Checking...
Passed.
AmMonitor Module Integrity Checking...
Passed.
Checking Done.
If an error occurs during the self checking, then the AirMagnet SmartEdge Sensor will enter an
error state, in which all communication among the Sensor, Server, and Console will be disabled
since NO secure communication is allowed in an error state. The Sensor will keep generating the
same error message. If this occurs, contact AirMagnet Technical Support for assistance.
error state, in which all communication among the Sensor, Server, and Console will be disabled
since NO secure communication is allowed in an error state. The Sensor will keep generating the
same error message. If this occurs, contact AirMagnet Technical Support for assistance.
Change of Shared Secret Key via Secure Communication
FIPS does NOT allow the change of the shared secret key through Telnet due to the lack of
encryption in the Telnet communication protocol. If, for some reason, the user needs to change
the shared secret key, it can be done either through the serial port or a browser interface.
encryption in the Telnet communication protocol. If, for some reason, the user needs to change
the shared secret key, it can be done either through the serial port or a browser interface.
Password Encrypted in FIPS-Approved Algorithms
All passwords used to access the Sensor will be encrypted using a FIPS-approved algorithm and
saved in a file. Passwords entered using a Web browser and the TLS protocol and those entered
using the serial port meet the requirement.
saved in a file. Passwords entered using a Web browser and the TLS protocol and those entered
using the serial port meet the requirement.
Securing the Sensor with the Tampering-Proof Tape
To prevent your AirMagnet SmartEdge Sensor from tampering that may jeopardize the security
and integrity of your corporate network, use the supplied tamper-proof tape to cover the screws
at the bottom of each Sensor. At least two tapes should be applied, diagonally.
and integrity of your corporate network, use the supplied tamper-proof tape to cover the screws
at the bottom of each Sensor. At least two tapes should be applied, diagonally.
Periodical Inspection of the Module for Evidence of Tampering
Tamper evidence includes unexpected scratches on the cover and damage to the tamper-proof
tape surrounding the module. If tampering is suspected, zeroize the cryptographic keys and
shared key using the zeroize command. Then remove the module from service and contact
AirMagnet Technical Support for assistance.
tape surrounding the module. If tampering is suspected, zeroize the cryptographic keys and
shared key using the zeroize command. Then remove the module from service and contact
AirMagnet Technical Support for assistance.
When operating the Sensor in FIPS-approved mode, administrators must take precaution to
avoid disclosure of sensitive authentication data, including the shared secret key and passwords.
Follow all of the guidance in this section to ensure that the module is installed and operated in a
avoid disclosure of sensitive authentication data, including the shared secret key and passwords.
Follow all of the guidance in this section to ensure that the module is installed and operated in a
© 2004 AirMagnet
®
, Inc. All rights reserved.
18