User guide
SA FIPS Execution
When you first install a FIPS system, the Secure Access Service serial console walks you
through the process of creating a security world through the serial console. A security
world is a key management system used by SA FIPS consisting of the following elements:
•
Cryptographic module—The cryptographic module (also sometimes called the hardware
security module, or HSM) included with SA FIPS Appliance includes hardware and
firmware installed directly on the appliance. A security world may contain a single
cryptographic module (standard environment) or multiple modules (clustered
environment). However, a single Secure Access FIPS appliance is always equipped
with a single cryptographic module.
•
Security world key—A security world key is a unique Triple DES encrypted key that
protects all other application keys within a security world. As required by the Federal
Information Processing Standards, you cannot import this key into a security world—you
must directly create it from a cryptographic module. In a clustered environment, all of
the modules within the security world share the same security world key.
•
Smart cards—A smart card is a removable key device that looks like a credit card. A
smart card authenticates users, allowing them access to various data and processes
controlled by the cryptographic hardware module. During the initialization process,
you must insert one of your smart cards into the reader (built-in or external, depending
upon which device model you own). As part of the initialization process, the smart card
is transformed into an administrator card that allows the card holder access to the
security world.
•
Encrypted data—Encrypted host data in a Secure Access FIPS environment includes
keys and other data required to share information in a secure manner.
These elements interlock to create a comprehensive security world. When you start the
appliance, it confirms that the security world is valid and that the cryptographic module
is in operational mode before starting normal operations.
You can set the cryptographic module into operational mode using a hardware switch
on the outside of the module. The switch’s settings include:
•
I—Initialization mode. Use this setting when initializing the cryptographic module with
a new security world or when adding a module to an existing security world in a Secure
Access cluster. Note that once you set the switch to I and begin initialization, you must
complete the process. Otherwise, your security world is only partially initialized, making
it unusable.
•
O—Operational mode. Use this setting to place the cryptographic module into
operational mode after initialization. Note that you must set the switch to O before
the module powers up in order to alert the unit that you want to begin day-to-day
processing. Otherwise, the module prompts you through the serial console to join the
existing security world or initialize a new one.
•
M—Maintenance mode. In future releases, this setting will be used to upgrade the
firmware on the cryptographic module. (Not yet supported.)
Copyright © 2012, Juniper Networks, Inc.8
SA Series 4500, 6500, and FIPS Appliances