V-269796
Dell OS10 Switch NDM Security Technical Implementation Guide
Title
The Dell OS10 Switch must use FIPS-validated Keyed-Hash Message Authentication Code (HMAC) to protect the integrity of nonlocal maintenance and diagnostic communications.
Description
Unapproved mechanisms that are used for authentication to the cryptographic module are not verified and therefore cannot be relied upon to provide confidentiality or integrity, and DOD data may be compromised. Nonlocal maintenance and diagnostic activities are those activities conducted by individuals communicating through a network, either an external network (e.g., the internet) or an internal network. Currently, HMAC is the only FIPS-approved algorithm for generating and ve...
Fix Text (Documentation Requirement)
Configure the OS10 Switch to use FIPS-validated HMAC to protect the integrity of nonlocal maintenance and diagnostic communications.

OS10(config)# crypto fips enable
WARNING: Upon committing this configuration, the system will regenerate SSH keys. Please consult documentation and toggle FIPS mode only if you know what you are doing!
Continue? [yes/no(default)]:yes
OS10(config)#

Disable telnet if it has been enabled:

OS10(config)# no ip telnet server enable

Enable SSH if it has been disabled:

OS10(config)# ip ssh server enable