Enterasys Networks XSR-3250, XSR-1805, XSR-1850 User Manual
XSR-1805, XSR-1850, and XSR-3250
(Hardware Version: REV 0A-G, Software Version: REL 6.3, Firmware Version: REL 6.3)
FIPS 140-2 Non-Proprietary
Security Policy
Level 2 Validation
Version 1.00
September 2003
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
© Copyright 2003 Enterasys Networks
Table of Contents
INTRODUCTION............................................................................................................. 3
URPOSE....................................................................................................................... 3
P
R
EFERENCES ................................................................................................................. 3
D
OCUMENT ORGANIZATION ............................................................................................. 3
ENTERASYS NETWORKS XSR-1805, XSR-1850, AND XSR-3250 ............................. 5
VERVIEW ..................................................................................................................... 5
O
C
RYPTOGRAPHIC MODULE .............................................................................................. 6
MODULE INTERFACES ..................................................................................................... 8
R
OLES AND SERVICES................................................................................................... 11
Crypto Officer Role.................................................................................................. 11
User Role ................................................................................................................ 14
Authentication Mechanisms .................................................................................... 14
P
HYSICAL SECURITY .....................................................................................................14
O
PERATIONAL ENVIRONMENT ........................................................................................ 14
C
RYPTOGRAPHIC KEY MANAGEMENT ............................................................................. 16
Key Generation ....................................................................................................... 18
Key Establishment................................................................................................... 18
Key Entry and Output .............................................................................................. 18
Key Storage ............................................................................................................ 19
Key Zeroization ....................................................................................................... 19
S
ELF-TESTS................................................................................................................. 20
D
ESIGN ASSURANCE ..................................................................................................... 21
M
ITIGATION OF OTHER ATTACKS.................................................................................... 21
SECURE OPERATION ................................................................................................. 22
CRYPTO OFFICER GUIDANCE......................................................................................... 22
Initial Setup ............................................................................................................. 22
Management ........................................................................................................... 23
USER GUIDANCE .......................................................................................................... 24
ACRONYMS ................................................................................................................. 25
© Copyright 2003 Enterasys Networks Page 2 of 25
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Introduction
Purpose
This document is a nonproprietary Cryptographic Module Security Policy
for the Enterasys Networks XSR-1805, XSR-1850, and XSR-3250
appliances. This security policy describes how the XSR-1805, XSR-1850,
and XSR-3250 meet the security requirements of FIPS 140-2 and how to
run the modules in a secure FIPS 140-2 mode. This policy was prepared
as part of the Level 2 FIPS 140-2 validation of the module.
FIPS 140-2 (Federal Information Processing Standards Publication 140-2
— Security Requirements for Cryptographic Modules) details the U.S.
Government requirements for cryptographic modules. More information
about the FIPS 140-2 standard and validation program is available on the
NIST Web site at http://csrc.nist.gov/cryptval/
The Enterasys Networks XSR-1805, XSR-1850, and XSR-3250
appliances are referenced in this document as X-Pedition Security
Routers, XSR modules, and the modules. The XSR-1805 and XSR-1850
modules are also referenced as the XSR-18xx modules. The differences
between the three modules are cited where appropriate.
.
References
This document deals only with operations and capabilities of the module in
the technical terms of a FIPS 140-2 cryptographic module security policy.
More information is available on the module from the following sources:
The Enterasys Networks Web site (http://www.enterasys.com/) contains
information on all Enterasys Networks products.
The NIST Validated Modules Web site (http://csrc.ncsl.nist.gov/cryptval/
contains contact information for answers to technical or sales-related
questions for the module.
Document Organization
The Security Policy document is one document in a FIPS 140-2
Submission Package. In addition to this document, the Submission
Package contains:
Vendor Evidence document
Finite State Machine
Other supporting documentation as additional references
)
© Copyright 2003 Enterasys Networks Page 3 of 25
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
This Security Policy and the other validation submission documentation
were produced by Corsec Security, Inc. under contract to Enterasys
Networks. With the exception of this Non-Proprietary Security Policy, the
FIPS 140-2 Validation Documentation is proprietary to Enterasys
Networks and can be released only under appropriate non-disclosure
agreements. For access to these documents, please contact Enterasys
Networks.
© Copyright 2003 Enterasys Networks Page 4 of 25
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
ENTERASYS NETWORKS XSR-1805, XSR-1850, AND XSR-3250
Overview
Part of the Enterasys Networks X-Pedition Security Router (XSR) series,
the XSR-1805, XSR-1850, and XSR-3250 modules are networking
devices that combine a broad range of IP routing features, a broad range
of WAN interfaces and a rich suite of network security functions, including
site-to-site and remote access VPN connectivity and policy managed,
stateful-inspection firewall functionality.
The XSR-18xx modules were designed to meet the requirements of the
branch office, while the XSR-3250 was specifically designed for the
regional office. A typical deployment of the modules is shown in Figure 1
below.
Figure 1 – Typical Deployment of the XSR Modules
The XSR-1805 is an entry-level, modular router in a desktop form factor
delivering powerful performance and features to address the WAN, VPN,
and firewall needs of remote offices.
The XSR-1850 varies mainly in its performance and type of enclosure,
when compared to the XSR-1805. Delivering faster performance; a rackmount form factor; and the option for redundant power, the XSR-1850 is
© Copyright 2003 Enterasys Networks Page 5 of 25
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
ideal to support mission- critical applications extending to the branch
office.
The XSR-3250 offers nearly ten times the performance speed of the XSR1850 and approximately 15 times more VPN tunnels. Coupling these
features with the six network interface module (NIM) slots makes the XSR3250 ideally suited to a regional office required to terminate up to six
T3/E3 or 24 T1/E1 connections. A redundant power supply is included.
The features of each XSR module are summarized in
XSR Model XSR-1805 XSR-1850 XSR-3250
NIM Slots
Fixed 10/100/1000 LAN
Ports
Optional Gigabit
Ethernet
Redundant Power
Supplies
VPN Accelerator
Flash Memory
DRAM
External Compact Flash
2 2 6
2 10/100 2 10/100 3
N/A N/A Mini-GBIC
No Option Standard
Embedded Embedded Embedded
8 MB
(upgradeable)
32 MB
(upgradeable)
Yes Yes Yes
Table 1 - Features At-a-Glance
8 MB
(upgradeable)
64 MB
(upgradeable)
Table 1.
8 MB
256 MB
(upgradeable)
Some highlighted security features of the XSR modules are:
• Telnet over IPSec or SSHv2-secured remote management of the
modules
• Site-to-Site application VPN using IPSec
• Remote access VPN using L2TP over IPSec
• Access control through assigned privilege level
• User, certificate, and host key database files encrypted with a
master encryption key
Cryptographic Module
The XSR modules were evaluated as multi-chip standalone cryptographic
modules. The metal enclosure physically encloses the complete set of
hardware and software components, and represents the cryptographic
boundary of each module.
© Copyright 2003 Enterasys Networks Page 6 of 25
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
The hardware components for the XSR-18xx modules vary slightly to meet
the performance level for each module. The XSR-1850 is an enhancement
of the XSR-1805 consisting of the following additional features:
• Two fans
• External power source connector
• One PMC slot for PPMC card
• 19” 1.5 U rack-mount chassis
• 64 MB of DRAM
Due to the large difference in performance levels, the XSR-3250 hardware
components vary quite significantly, when compared to the XSR-18xx
modules. The main differences include the following:
• Different processor with two CPU cores
• Different hardware encryption accelerator
• Two extra NIM Carrier Cards (NCC) slots with two NIM slots on
each card
• One extra Ethernet port connected to both a miniGBIC module and
a RJ45 connector
• Dual load-sharing power supplies
• Redundant fans
• 256 MB of DRAM
XSR NIMs will operate on all three XSR modules.
All three modules use the software version XSR Release 6.3. The
modules software components consists of three separate executables
linked individually:
• Bootrom
• Power-up Diagnostics
• Software image
© Copyright 2003 Enterasys Networks Page 7 of 25
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
The software image is contained in a single file with the power-up
diagnostics. It is based on the Nortel Open IP design model and runs on
top of the VxWorks operating system.
The modules are intended to meet overall FIPS 140-2 Level 2
requirements (see Table 2).
Section Section Title Level
1 Cryptographic Module Specification 2
2 Cryptographic Module Ports and Interfaces 2
3 Roles, Services, and Authentication 2
4 Finite State Model 2
5 Physical Security 2
6 Operational Environment N/A
7 Cryptographic Key Management 2
8 EMI/EMC 2
9 Self-tests 2
10 Design Assurance 2
11 Mitigation of Other Attacks N/A
Module Interfaces
Table 2 – Intended Level Per FIPS 140-2 Section
The XSR-1805 provides a number of physical ports:
• Two 10/100BaseT FastEthernet LAN ports
• One console port
• Two PCM slots
• One PCMCIA slot for the optional CompactFlash card
© Copyright 2003 Enterasys Networks Page 8 of 25
This document may be freely reproduced and distributed whole and intact including this Copyright Notice.
Loading...