User's Guide Part 2
User Guide: PTP 600 Series Managing security
phn-0896_009v003
Feb 2010
UNDER DEVELOPMENT
6-109
To configure the ODU to work in FIPS 140-2 mode, proceed as follows:
Procedure 6-17 Configure FIPS 140-2 operation
1
Inspect the ODU to confirm that silver tamper evident labels are attached (
Figure
6-62
and Figure 6-63). If these labels are not present, do not proceed with FIPS
140-2 configuration.
2
Upgrade the ODU software to the latest image containing the FIPS 140-2 security
features (system release 600-08-50 or later). Refer to Upgrading PTP 600 software
on page 6-84.
3
Check the capability summary in the Software License Key page to ensure that the
current license key supports FIPS 140-2. Refer to
Checking capability summary on
page
6-77.
4
If the current license key does not support FIPS 140-2:
Obtain an access key and generate a new license key to support FIPS 140-2.
Refer to Using access keys to generate a new license key on page 6-79.
Enter the new license key. Refer to
Entering a license key on page 6-80.
5
Configure user accounts to ensure that the ODU is compliant with the security
requirements of FIPS 140-2. Refer to
Configuring user accounts on page 6-90.
6
Create at least three identity-based used accounts. Refer to
Creating or updating
identity-based users
on page 6-93.
7
Log into the web interface as a security administrator user.
8
Run the Security Wizard. Refer to
Configuring HTTPS/TLS using the Security
Wizard
on page 6-98. The ODU reboots at the end of Security Wizard.
9
The secure web server is now the main management tool for the ODU web interface.
To enter the web interface, use the URL https://169.254.1.1
.
10
Go back to the Security Wizard and disabled HTTP and Telnet (if not already
disabled). Refer to Step 6: HTTP and Telnet settings on page 6-105.
The FIPS 140-2 mode is indicated by a distinctive symbol displayed at the top of the
navigation bar in the web-based interface, as shown in Figure 1-17.