A PTP 600 unit is capable of operating in the FIPS 140-2 mode when all of the following are true:
- The hardware security of the ODU is compatible with operation in the FIPS 140-2 mode.
- The ODU license key has AES encryption and FIPS operation enabled.
- The ODU software image is validated for FIPS operation.
- The hardware security of the ODU is compatible with operation in the FIPS 140-2 mode:
There are 2 ways to check if the hardware security of the ODU is compatible with operation in the FIPS 140-2 mode:
a. Units with compatible hardware security have tamper-evident labels fitted as shown in below:
b. The ODU will have hardware security compatible with FIPS 140-2 if the hardware version displayed on the Status page contains the string “FPS”, as shown below:
In case it is not compatible, we can apply the hardware security upgrade kit, Part number: WB3593.
Note:
2. The ODU license key has AES and FIPS encryption enabled:
Apply the AES and FIPS upgrade key on the radio.
For example: PTP600 Series UC-APL Including 128/256bit AES and FIPS
3. The ODU software image is validated for FIPS operation:
a. Validated software image:
FIPS validated software images are indicated by a FIPS- prefix to the file name, for example: FIPS-PTP600-09-01.DLD2. The general features of a FIPS validated software image are identical to those of the standard image with the same version number. For example, FIPS-PTP600-09-01.DLD2 is equivalent to PTP600-09-01.DLD2 apart from the ability of the FIPS image to operate in FIPS mode.
b. Indication of FIPS 140-2 capability:
The FIPS 140-2 capability is indicated by a distinctive symbol displayed at the top of the navigation bar in the web-based interface, as shown below:
Note: These 4 steps should be followed in the same order, else you may get an error.