Documentation - V-65201

Title

The DataPower Gateway providing intermediary services for remote access communications traffic must use encryption services that implement NIST FIPS-validated cryptography to protect the confidentiality of remote access sessions.

Description

<VulnDiscussion>Without confidentiality protection mechanisms, unauthorized individuals may gain access to sensitive information via a remote access session. Remote access is access to DoD-nonpublic information systems by an authorized user (or an information system) communicating through an external, non-organization-controlled network. Remote access methods include broadband and wireless connections. Remote access methods include, for example, proxied remote encrypted traffic (e.g., TLS gatew...

Fix Text (Documentation Requirement)

Configure FIPS 140-2 Level 1 in Firmware only. Privileged account user log on to default domain >> In the search field type "crypto" >> Press "enter". From the search results, click "Crypto Tools" >> Click the "Set Cryptographic Mode" tab >> From the "Cryptographic Mode" list, select "FIPS 140-2 Level 1" >> Click the "Set Cryptographic Mode" button >> When prompted to confirm cryptographic mode change, click "confirm" >> When notified that the action completed successfully, click "Close" >> click "Save Configuration". Restart the appliance >> Control Panel >> System Control >> Shutdown >> Select "Mode" from dropdown list: "Reboot System" >> Click "Shutdown" button >> Click "Confirm" >> Click "Close". Configure FIPS 140-2 Level 3 Hardware Security module as follows: Log on to the comm...