Emerson Avocent ACS 6000 Advanced Console Server Guide de l'utilisateur télécharger pdf (Page 30)

24.....Avocent® ACS 6000 Advanced Console Server

integrity of the FIPSObject Module. Once the reboot is complete, the console server will accept

SSH and HTTPSconnections using only FIPS-approved ciphers.

When FIPS is enabled the following restrictions apply:

For SSH sessions:

Protocol version 1 will be disabled.

Triple-DES CBS and AES 128/192/256 are the only encryption ciphers that will be accepted.

HMAC-SHA1 and HMAC-SHA1-96 are the only message integrity algorithms that will be accepted.

Only RSAkeys 1024 to 16384 bits will be accepted.

HTTPSsessions will accept only the SSL v 3.1(TLSv1) protocol to establish the SSLtunnel

with one of the following encryption ciphers:

AES-256-SHA

AES-128-SHA

Triple DESSHA (DES-CBC3-SHA)

SNMPversion 3 requests will be accepted when authentication is SHAand the encryption

cipher is AES.

HTTPS Certificate

You can generate a new self-signed certificate or download a signed certificate to the appliance

from an FTP server or from your desktop.

To generate a new self-signed certificate:

1. Select System – Security – HTTPS Certificate.

2. Check the radio button next to Generate Self-Signed Certificate.

3. Enter the desired information in the self-signed certificate fields: Country, State/Province,

City/Locality, Organization, Organization Unit, Common Name, Email Address and Netscape

Comment.

4. Click Generate/Download. The generated certificate's information will be displayed.

5. Click Install. The certificate will be saved and the browser server will restart to use the new

certificate.

To download a signed certificate:

1. Select System – Security – HTTPS Certificate.

1 2 ... 25 26 27 28 29 30 31 32 33 34 35 ... 92 93

Pas de commentaire

Emerson Avocent ACS 6000 Advanced Console Server Guide de l'utilisateur Page 30