HP FlexFabric 5900CP and 12910 Switch Series
FIPS 140-2 Non-Proprietary Security Policy
Security Level 2 Validation
Version 1.05
December 2015

Copyright Hewlett-Packard Development Company, L.P. 2014. May be reproduced only in its original entirety [without revision].

FIPS 140-2 Non-Proprietary Security Policy for HP FlexFabric 5900CP and 12910 Switch Series Page 1 of 49

Revision Record

Date         Revision Version   Change Description                                            Author
2014-12-12   1.00               Initial version                                               HP
2015-01-22   1.01               Adding 5900CP                                                 HP
2015-03-20   1.02               Changes based on CMVP comments                                HP
2015-09-07   1.03               Changes based on CMVP comments                                HP
2015-12-22   1.04               Added comment RE: what to do if tamper labels tampered with   HPE
2015-12-29   1.05               Change 1 word in Algorithm table                              HPE

Table of Contents

1 Introduction
2 Overview
  2.1 Comware Switch Block Level Diagram
  2.2 HP 5900CP Switch Series
    2.2.1 Product overview
    2.2.2 Opacity shield and tamper evidence label
    2.2.3 Test Modules
  2.3 HP FlexFabric 12910 Switch
    2.3.1 Product overview
    2.3.2 Opacity shield and tamper evidence label
    2.3.3 Test Modules
3 Security Appliance Validation Level
4 Physical Characteristics and Security Appliance Interfaces
  4.1 HP 5900CP Switch Series
  4.2 HP FlexFabric 12910 Switch
  4.3 Physical Interfaces Mapping
5 Roles, Services, and Authentication
  5.1 Roles
  5.2 Services
    5.2.1 Crypto Officer Services
    5.2.2 User Services
    5.2.3 Non-Approved Services
  5.3 Authentication Mechanisms
6 Cryptographic Algorithms
  6.1 FIPS Approved Cryptographic Algorithms
  6.2 FIPS Allowed Cryptographic Algorithms
  6.3 Non-FIPS Approved Cryptographic Algorithms
7 Cryptographic Key Management
  7.1 Cryptographic Security Parameters
  7.2 Access Control Policy
8 Self-Tests
  8.1 Power-On Self-Tests
  8.2 Conditional Self-Tests
9 Delivery and Operation
  9.1 Secure Delivery
  9.2 Secure Operation
10 Physical Security Mechanism
11 Mitigation of Other Attacks
12 Documentation References
  12.1 Obtaining documentation
  12.2 Technical support

TABLE OF TABLES

Table 1 HP 12910 Switch Series test configuration
Table 2 Validation Level by Section
Table 3 Correspondence between Physical and Logical Interfaces
Table 4 Roles and Role description
Table 5 Crypto officer services
Table 6 user service
Table 7 FIPS-Approved Cryptography Algorithms
Table 8 FIPS-Allowed Cryptography Algorithms
Table 9 Non-FIPS Approved Cryptography Algorithms
Table 10 Cryptographic Security Parameters
Table 11 Access by Service for Crypto Officer
Table 12 Access by Service for User role
Table 13 Power-On Self-Tests
Table 14 Conditional Self-Tests

FIPS 140-2 Non-Proprietary Security Policy for the HP Networking Switches

Keywords: Security Policy, CSP, Roles, Service, Cryptographic Module

List of abbreviations:

Abbreviation   Full spelling
AAA            Authentication, Authorization, and Accounting
AES            Advanced Encryption Standard
CF             Compact Flash
CLI            Command Line Interface
CMVP           Cryptographic Module Validation Program
CSP            Critical Security Parameter
DES            Data Encryption Standard
DOA            Dead on arrival
FCoE           Fibre Channel over Ethernet
FIPS           Federal Information Processing Standard
HMAC           Hash-based Message Authentication Code
HTTP           Hyper Text Transfer Protocol
IRF            Intelligent Resilient Framework
KAT            Known Answer Test
LED            Light Emitting Diode
LPU            Line Processing Unit
MAC            Message Authentication Code
MAN            Metropolitan Area Network
MPU            Main Processing Unit
NIST           National Institute of Standards and Technology
OAA            Open Application Architecture
OAP            Open Application Platform
PSU            Power Supply Unit
RADIUS         Remote Authentication Dial In User Service
RAM            Random Access Memory
RSA            Rivest Shamir and Adleman method for asymmetric encryption
SFP            Small Form-Factor Pluggable
SFP+           Enhanced Small Form-Factor Pluggable
SHA            Secure Hash Algorithm
SRPU           Switching and routing processor unit
SSL            Secure Sockets Layer
XFP            10 Gigabit Small Form-Factor Pluggable

1 Introduction

This document is a non-proprietary Cryptographic Module Security Policy for HP FlexFabric 5900CP and 12910 Switch Series. The policy describes how the HP FlexFabric 5900CP and 12910 Switch Series meet the requirements of FIPS 140-2. This document also describes how to configure the HP FlexFabric 5900CP and 12910 Switch Series in FIPS 140-2 mode.
This document was prepared as part of the FIPS 140-2 Level 2 validation. The FIPS 140-2 standard details the U.S. Government requirements for cryptographic security appliances. More information about the standard and validation program is available on the NIST website at csrc.nist.gov/groups/STM/cmvp/.

This document includes the following sections:
- Overview
- Security Appliance Validation Level
- Physical Characteristics and Security Appliance Interfaces
- Roles, Services and Authentication
- Cryptographic Algorithms
- Cryptographic Key Management
- Self-Tests
- Delivery and Operation
- Physical Security Mechanism
- Mitigation of Other Attacks
- Obtaining Documentation and Technical Assistance

2 Overview

The HP Networking devices are suitable for a range of uses: at the edge of a network, connecting server clusters in a data center, in an enterprise LAN core, and in large-scale industrial networks and campus networks. Each device is based on the HP Comware Software, Version 7.1.045 platform.

2.1 Comware Switch Block Level Diagram

[Figure 1 Security Architecture Block Diagram. Blocks shown: Cryptographic Module (Firmware, Hardware), Management Service, Communication Service, Security Function, Forwarding Function (ACL), and the Network user/IT Administrator entity. Flows shown: M1, M2, C1 to C4, D1, D2, I1, I2, and A1 to A3 (Authorize).]

The cryptographic module provides the following services externally:

1. Management: supports various login methods and configuration interfaces for managing the system.
2. Communication: supports interoperation between the communication protocols at different layers in the protocol stack, such as 802.3, PPP, and IP, and uses the forwarding function to receive/send packets for the local device and forward packets for other devices.

To ensure security, the security function provides appropriate access control for the cryptographic module: it identifies and authenticates the external entities attempting to access the services, and authorizes the external entities that pass identification and authentication. The access control function also records the external entities' accesses to the services, such as the beginning time and end time of a visit.

The figure above shows how administrators (crypto officer, user role) and network users access a cryptographic module service.

- M2: The administrator accesses the management service to configure the security function.
- M1: The administrator accesses the management service to configure the communication service.
- C1: The security function issues the forwarding control ACL or other control measures to the forwarding function for security processing like packet filtering.
- D2: The communication service uses the forwarding function to receive and send packets for the local device.
- C2: The communication service issues routing entries or MAC address entries to the forwarding function for forwarding packets for other devices.
- A1: The administrator connects to a physical management interface (the console for example) of the cryptographic module to access the system management access control service of the security function. If the access succeeds, the I1 access to the management service is authorized. The security function uses the C3 authorization action to grant the administrator administrative roles.
- I1: The administrator accesses the management service through the physical management interface.
- A2: The administrator connects to a network interface (such as an Ethernet interface) of the cryptographic module to access the system management access control service of the security function. If the access succeeds, the I2 access to the management service is authorized.
- I2: The administrator accesses the management service through the network interface.
- A3: A network user connects to a network interface of the cryptographic module to access the communication access control service of the security function. If the access succeeds, D1/D2 are authorized. The security function uses the C4 authorization action to grant the network user the communication service access privilege, namely the network access privilege.
- D1: Forwarding packets for the network user.

To facilitate cryptographic module management, the administrator is allowed to access the system management service by remote login through a network interface. To prevent the administrator's authentication data (such as the username and password) from being intercepted and to prevent the operation commands from being tampered with, the cryptographic module provides SSH2/HTTPS for secure remote management.

For the management service, the cryptographic module defines predefined roles and custom user roles, whose available services differ according to their access permissions. Each user can switch to a different user role without reconnecting to the device. To switch to a different user role, a user must provide the role switching authentication information.

The authentication is role-based. All users can be authenticated locally, and the module optionally supports authentication via a RADIUS and TACACS+ server.

If needed, IPSec can be configured to protect the network data.
No external programs can take control of the cryptographic module, because the cryptographic module does not provide the general-purpose computing service. This ensures the absolute control of the cryptographic module.

2.2 HP 5900CP Switch Series

2.2.1 Product overview

The HP FlexFabric 5900CP Switch Series is a family of high-density, ultra-low-latency, top-of-rack (ToR) switches that is part of the HP FlexNetwork architecture's HP FlexFabric solution.

Ideally suited for deployment at the server access layer of large enterprise data centers, the HP 5900CP Switch Series is also powerful enough for deployment at the data center core layer of medium-sized enterprises. With the increase in virtualized applications and server-to-server traffic, customers now require ToR switch innovations that will meet their needs for higher-performance server connectivity, convergence of Ethernet and storage traffic, the capability to handle virtual environments, and ultra-low-latency all in a single device.

- Converged ports for Ethernet, FCoE and FC
- Cut-through with ultra-low-latency and wire speed
- HP Intelligent Resilient Framework (IRF) for virtualization and two-tier architecture
- High 1 GbE/10GbE ToR port density with 40 GbE uplinks
- IPv6 support in ToR with full L2/L3 features
- Convergence ready with DCB, FCoE, and TRILL

2.2.2 Opacity shield and tamper evidence label

The following figures show representatives of the series, with and without opacity shield and tamper evidence label.
[Figure 1 5900CP rear view; Figure 2 5900CP front view; views of the front, rear, top, bottom, right and left sides.]

2.2.3 Test Modules

Testing included one model in the HP 5900CP series:
- JG838A HP FlexFabric 5900CP-48XG-4QSFP+ Switch

2.3 HP FlexFabric 12910 Switch

2.3.1 Product overview

The HP FlexFabric 12910 Switch is a next-generation modular data center core switch designed to support virtualized data centers and the evolving needs of private and public cloud deployments.

The FlexFabric 12910 switch delivers unprecedented levels of performance, buffering, scale, and availability with high density 10GbE, 40GbE and 100GbE. The HP FlexFabric 12910 Switch includes a 10-slot chassis with front-to-back airflow.

Ready for software-defined networking (SDN), the switch supports full Layer 2 and 3 features, including advanced features such as Transparent Interconnection of Lots of Links (TRILL) and Intelligent Resilient Framework (IRF), which provides the ability to build large, resilient switching fabrics. The HP FlexFabric 12910 Switch also supports fully redundant and hot-swappable components to complement its other enterprise-class capabilities.

- Nonblocking, lossless Clos architecture
- Large Layer 2 scaling with TRILL and HP IRF
- DCB and FCoE convergence
- Enhanced modularity with control and data plane separation
- High 10GbE, 40GbE and 100 GbE density across 36 Tb/s switch fabric

2.3.2 Opacity shield and tamper evidence label

The following figures show representatives of the series, with tamper evidence label.
[Figures: views of the top, front, bottom, rear, right and left sides of the 12910 chassis.]

2.3.3 Test Modules

Testing included one model in the 12900 series:
- HP FlexFabric 12910 Switch AC Chassis

The following table lists the test configurations for the HP FlexFabric 12910 Switch.

Table 1 HP 12910 Switch Series test configuration

Chassis: HP FlexFabric 12910 Switch AC Chassis

Controller   Modules
12910        HP FlexFabric 12910 Main Processing Unit
Front Slot   HP FlexFabric 12900 48-port 10/100/1000BASE-T EB Module
Front Slot   HP FlexFabric 12900 48-port 10/100/1000BASE-T EB Module
Front Slot   HP FlexFabric 12900 48-port GbE SFP EB Module
Front Slot   HP FlexFabric 12900 16-port 40GbE QSFP+ EA Module
Front Slot   HP FlexFabric 12900 16-port 40GbE QSFP+ EA Module
Front Slot   HP FlexFabric 12900 16-port 40GbE QSFP+ EA Module
Front Slot   HP FlexFabric 12900 16-port 40GbE QSFP+ EA Module
Front Slot   HP FlexFabric 12900 48-port 1/10GbE SFP+ EC Module
Front Slot   HP FlexFabric 12900 48-port 10/100/1000BASE-T EB Module
Front Slot   HP FlexFabric 12900 48-port 10GbE SFP+ EA Module
Rear slot    HP FlexFabric 12910 3.84Tbps Type B Fabric Module
Rear slot    HP FlexFabric 12910 3.84Tbps Type B Fabric Module
Rear slot    HP FlexFabric 12910 3.84Tbps Type B Fabric Module
Rear slot    HP FlexFabric 12910 3.84Tbps Type B Fabric Module
Rear slot    HP FlexFabric 12910 3.84Tbps Type B Fabric Module
Rear slot    HP FlexFabric 12910 3.84Tbps Type B Fabric Module

3 Security Appliance Validation Level

The following table lists the level of validation for each area in the FIPS PUB 140-2.

Table 2 Validation Level by Section

No.   Area                                                          Level
1     Cryptographic Module Specification                            2
2     Cryptographic Module Ports and Interfaces                     2
3     Roles, Services, and Authentication                           2
4     Finite State Model                                            2
5     Physical Security                                             2
6     Operational Environment                                       N/A
7     Cryptographic Key management                                  2
8     Electromagnetic Interference/Electromagnetic Compatibility    2
9     Self-Tests                                                    2
10    Design Assurance                                              2
11    Mitigation of Other Attacks                                   N/A
12    Overall Level                                                 2

4 Physical Characteristics and Security Appliance Interfaces

4.1 HP 5900CP Switch Series

The HP FlexFabric 5900CP switch is a multi-chip standalone security appliance, and the cryptographic boundary is defined as encompassing the "top," "front," "left," "right," and "bottom" surfaces of the case. The general components of the HP 5900CP switch include firmware and hardware, which are placed in the three-dimensional space within the case.

The HP 5900CP switch provides:
- 48 SFP+ dual-personality ports; supports 1G/10G Ethernet, 4 Gbps/8 Gbps Fibre Channel
- 4 QSFP+ 40GbE ports
- A serial console port
- A management Gigabit Ethernet port
- LEDs for system, power, and module status
- USB 2.0 port
- CF card slot
- Power switch
- Reset switch

The documents on the HP website (http://h17007.www1.hp.com/us/en/products/switches/HP_5900_Switch_Series/index.aspx#tab2) describe the ports in detail along with the interpretation of the LEDs.

4.2 HP FlexFabric 12910 Switch

The HP FlexFabric 12910 Switch Series is a multi-chip standalone security appliance, and the cryptographic boundary is defined as encompassing the "top," "front," "left," "right," and "bottom" surfaces of the case.

The HP FlexFabric 12910 Switch chassis accommodates eight LPUs. LPUs provide Gigabit Ethernet, SFP Gigabit, SFP+ 10-Gigabit, XFP 10-Gigabit, QSFP+ 40-Gigabit and CFP 100-Gigabit ports in a range of numbers and combinations.
In addition, the HP FlexFabric 12910 Switch requires an MPU. The chassis has two MPU slots. Each MPU provides a 100-Mbps Ethernet management port, a serial management port, an auxiliary serial port, two USB ports (host and device), and a CF card slot. The MPUs also have reserved ports, which are not supported at present: an RS-232/485 port, standby main board coaxial clock interfaces, and MCC Gigabit Ethernet interfaces. The MPUs have status LEDs for switching fabric modules, LPU, fan, power, MPU, and CF status reporting. Each MPU has a reset button.

Chassis power is provided through AC power frames. Each AC power frame accommodates up to six hot-swappable 1U AC PSUs. The frame has a status LED and a power frame switch. A power entry module supplies power input to each PSU.

http://h17007.www1.hp.com/us/en/networking/products/switches/HP_FlexFabric_12900_Switch_Series/index.aspx#tab=TAB1 describes MPU options, LPU options, and ports in detail along with the interpretation of the LEDs.

4.3 Physical Interfaces Mapping

The physical interfaces provided by the HP Networking products map to four FIPS 140-2 defined logical interfaces: data input, data output, control input and status output. Table 3 presents the mapping.
Table 3 Correspondence between Physical and Logical Interfaces

FIPS 140-2 Logical Interface: Data Input Interface
Physical Interface: Networking ports; Console port; Management Ethernet port; CF card slot; USB ports

FIPS 140-2 Logical Interface: Data Output Interface
Physical Interface: Networking ports; Console port; Management Ethernet port; CF card slot; USB ports

FIPS 140-2 Logical Interface: Control Input Interface
Physical Interface: Networking ports; Console port; Management Ethernet port; Power switches; Reset Switch; Port status LED mode switching button

FIPS 140-2 Logical Interface: Status Output Interface
Physical Interface: Networking ports; Console port; Management Ethernet port; LEDs

FIPS 140-2 Logical Interface: Power Interface
Physical Interface: Power Slot; Backplane

5 Roles, Services, and Authentication

5.1 Roles

The HP FlexFabric 5900CP and 12910 Switch Series provides 18 predefined roles and 64 custom user roles. There are 16 roles (Table 4) in the device that operators may assume: network-admin, level-15 and security-audit, which are the FIPS Crypto-Officer Role; and network-operator, level 0 ~ level 14 and 64 custom user roles, which are defined as the FIPS User Role. Table 4 presents the roles and role descriptions. The devices allow multiple management users to operate the appliance simultaneously.

The HP Networking switches do not employ a maintenance interface and do not have a maintenance role.

Table 4 Roles and Role description

FIPS Role: Crypto-Officer

  Comware Role Name: network-admin
  Role Description: Accesses all features and resources in the system, except for the display security-logfile summary, info-center security-logfile directory, and security-logfile save commands.

  Comware Role Name: level-15
  Role Description: Has the same rights as network-admin.

  Comware Role Name: Level-9
  Role Description: Has access to all features and resources except those in the following list.
    - RBAC non-debugging commands.
    - Local users.
    - File management.
    - Device management.
    - The display history-command all command.

  Comware Role Name: security-audit
  Role Description: Security log manager. The user role has the following access to security log files:
    - Access to the commands for displaying and maintaining security log files (for example, the dir, display security-logfile summary, and more commands).
    - Access to the commands for managing security log files and security log file system (for example, the info-center security-logfile directory, mkdir, and security-logfile save commands).
    Only the security-audit user role has access to security log files.

FIPS Role: User

  Comware Role Name: network-operator
  Role Description: Accesses the display commands for all features and resources in the system, except for commands such as display history-command all and display security-logfile summary. Enables local authentication login users to change their own password.

  Comware Role Name: level-0
  Role Description: Has access to diagnostic commands, including ping, tracert, and ssh2.

  Comware Role Name: level-1
  Role Description: Has access to the display commands of all features and resources in the system except display history-command all. The level-1 user role also has all access rights of the user role level-0.

  Comware Role Name: custom user role; level-2 to level-8; level-10 to level-14
  Role Description: Have no access rights by default. Access rights are configurable.

5.2 Services

HP Networking switches provide five services: View device status, View running status, Network functions, Security management, Configuration function.

You can access these services by using any of the following methods:
- Console Port
- SSH

The console port and SSH present a command line interface while the web user interface is a graphical user interface.

5.2.1 Crypto Officer Services

The Crypto Officer role is responsible for the configuration and maintenance of the switches.
The Crypto Officer services consist of the following:

Table 5 Crypto officer services

Service: View device status
  Description: View currently running image version; View installed hardware components status and version
  Input: Commands
  Output: Status of devices
  CSP Access: None
  Available to Role: Network-admin, level-15, level-9

Service: View running status
  Description: View memory status, packet statistics, interface status, current running image version, current configuration, routing table, active sessions, temperature and SNMP MIB statistics.
  Input: Commands
  Output: Status of device functions
  CSP Access: None
  Available to Role: Network-admin, level-15, level-9

Service: Perform Network functions
  Description:
    - Network diagnostic service such as "ping";
    - Network connection service such as "SSHv2" client;
    - Provide IKEv1/IPsec service to protect the session between the switch and external server (e.g. Radius Server/Log Server)
    - Initial Configuration setup (IP, hostname, DNS server)
  Input: Commands and configuration data
  Output: Status of commands and configuration data
  CSP Access:
    CSP1-1: RSA private keys (read access);
    CSP1-2: DSA private keys (read access);
    CSP1-3: Public keys (read access);
    CSP2-1: IPsec authentication keys (read/write access);
    CSP2-2: IPsec encryption keys (read/write access);
    CSP2-3: IKE pre-shared keys (read access);
    CSP2-4: IKE Authentication key (read/write access);
    CSP2-5: IKE Encryption Key (read/write access);
    CSP2-6: IKE RSA Authentication private Key (read access);
    CSP2-7: IKE DSA Authentication private Key (read access);
    CSP2-8: IKE Diffie-Hellman Key Pairs (read access);
    CSP3-1: SSH RSA Private key (read access);
    CSP3-2: SSH Diffie-Hellman Key Pairs (read/write access);
    CSP3-3: SSH Session Key (read/write access);
    CSP3-4: SSH Session authentication Key (read/write access);
    CSP4-1: User Passwords (read/write access);
    CSP4-2: super password (read access);
    CSP4-3: RADIUS shared secret keys (read access);
    CSP4-4: TACACS+ shared secret keys (read access);
    CSP5-1: DRBG entropy input (read/write access);
    CSP6-1: DRBG seed (read access);
    CSP6-2: DRBG V (read access);
    CSP6-3: DRBG Key (read access);
    CSP7-1: SNMPv3 Authentication Key (read access);
    CSP7-2: SNMPv3 Encryption Key (read access);
  Available to Role: Network-admin, level-15, level-9

Service: Perform Security management
  Description:
    - Change the role;
    - Reset and change the password of same/lower privilege user;
    - Maintenance of the super password;
    - Maintenance (create, destroy, import, export) of public key/private key/shared key;
    - Maintenance of IPsec/IKE.
    - Maintenance of SNMPv3
    - Management (create, delete, modify) of the user roles;
    - Management of the access control rules for each role;
    - Management (create, delete, modify) of the user account;
    - Management of the time;
    - Maintenance (delete, modify) system start-up parameters;
    - File operation (e.g. dir, copy, del);
    - Shut down or Reboot the security appliance;
    - Perform self-test
  Input: Commands and configuration data
  Output: Status of commands and configuration data
  CSP Access:
    CSP1-1: RSA private key (write access);
    CSP1-2: DSA private key (write access);
    CSP1-3: Public keys (write access);
    CSP2-3: IKE pre-shared keys (write access);
    CSP4-1: User Passwords (write access);
    CSP4-2: super password (write access);
    CSP4-3: RADIUS shared secret keys (write access);
    CSP4-4: TACACS+ shared secret keys (write access);
    CSP5-1: DRBG entropy input (read access);
    CSP6-1: DRBG seed (read access);
    CSP6-2: DRBG V (read access);
    CSP6-3: DRBG Key (read access);
    CSP7-1: SNMPv3 Authentication Key (write access);
    CSP7-2: SNMPv3 Encryption Key (write access);
    CSP8-1: System KEK
  Available to Role: Network-admin, level-15, level-9, security-audit

Service: Perform Configuration functions
  Description:
    - Save configuration;
    - Management of information center;
    - Define network interfaces and settings;
    - Set the protocols the switches will support (e.g. SFTP server, SSHv2 server);
    - Enable interfaces and network services;
    - Management of access control scheme
    - Shut down or Reboot the security appliance;
  Input: Commands and configuration data
  Output: Status of commands and configuration data
  CSP Access:
    CSP1-1: RSA private key (write access);
    CSP1-2: DSA private key (write access);
    CSP1-3: Public keys (write access);
    CSP2-3: IKE pre-shared keys (write access);
    CSP4-1: User Passwords (write access);
    CSP4-2: super password (write access);
    CSP4-3: RADIUS shared secret keys (write access);
    CSP4-4: TACACS+ shared secret keys (write access);
    CSP7-1: SNMPv3 Authentication Key (write access);
    CSP7-2: SNMPv3 Encryption Key (write access);
    CSP8-1: System KEK
  Available to Role: Network-admin, level-15, level-9, security-audit

5.2.2 User Services

The following table describes the services available to user service.
Table 6 user service

Service: View device status
Description: View currently running image version; View installed hardware components status and version
Input: Commands
Output: Status of devices
CSP Access: None
Available to Role: network-operator

Service: View running status
Description: View memory status, packet statistics, interface status, current running image version, current configuration, routing table, active sessions, temperature and SNMP MIB statistics.
Input: Commands
Output: Status of device functions
CSP Access: None
Available to Role: network-operator

Service: Perform Network functions
Description: Network diagnostic service such as "ping"; Network connection service such as "SSHv2" client;
Input: Commands and configuration data
Output: Status of commands and configuration data
CSP Access:
CSP1-1: RSA private key (read/write access);
CSP1-2: DSA private key (read access);
CSP1-3: Public keys (read access);
CSP2-1: IPsec authentication keys (read/write access);
CSP2-2: IPsec encryption keys (read/write access);
CSP2-3: IKE pre-shared keys (read access);
CSP2-4: IKE Authentication key (read/write access);
CSP2-5: IKE Encryption Key (read/write access);
CSP2-6: IKE RSA Authentication private Key (read access);
CSP2-7: IKE DSA Authentication private Key (read access);
CSP2-8: IKE Diffie-Hellman Key Pairs (read access);
CSP3-1: SSH RSA Private key (read access);
CSP3-2: SSH Diffie-Hellman Key Pairs (read/write access);
CSP3-3: SSH Session Key (read/write access);
CSP3-4: SSH Session authentication Key (read/write access);
CSP4-1: User Passwords (read/write access);
CSP4-2: super password (read access);
CSP4-3: RADIUS shared secret keys (read access);
CSP4-4: TACACS+ shared secret keys (read access);
CSP5-1: DRBG entropy input (read/write access);
CSP6-1: DRBG seed (read access);
CSP6-2: DRBG V (read access);
CSP6-3: DRBG Key (read access);
CSP7-1: SNMPv3 Authentication Key (read access);
CSP7-2: SNMPv3 Encryption Key (read access);
CSP8-1: System KEK
Available to Role: Level-0, Level-1

5.2.3 Non-Approved Services

The HP modules support the following non-approved services:
- Self-tests: This service executes the suite of self-tests required by FIPS 140-2 in non-FIPS mode.
- Show Status: This service provides status outputs provided by the approved services and LED interfaces.
- Change Mode: This service configures the module to run in a FIPS Approved mode.
- Internet Key Exchange (IKE) with DES, MD5, HMAC-MD5, Diffie-Hellman (<2048-bits), RSA (<2048-bits), DSA (<2048-bits).
- Perform Network Time Protocol (NTP) service.
- Perform Secure Socket Layer (SSL) version 3.0.
- Perform TLS 1.0 with DES, RC4, MD5, HMAC-MD5, RSA (<2048-bits).
- Perform Secure Shell version 1.x.
- Perform Secure Shell version 2.0 with DES, MD5, HMAC-MD5, DSA (<2048-bits).
- Perform Telnet.

5.3 Authentication Mechanisms

HP networking devices support identity-based authentication and role-based access control.

Identity-based authentication

Each user is authenticated upon initial access to the device. The authentication is identity-based. All users can be authenticated locally, and the device optionally supports authentication via a RADIUS and TACACS+ server.

To log on to the appliances, an operator must connect through one of the management interfaces (console port, SSH) and provide a password.

A user must be authenticated using usernames and passwords. The minimum password length is 15 characters, and the maximum is 63. The passwords must contain at least one lower case letter (26), one upper case letter (26), one special character (32) and one numeric character (10). The remaining eleven characters can be a lower case letter (26), an upper case letter (26), a special character (32) and/or a numeric character (10), equaling 94 possibilities per character.
An alpha, numeric or special character cannot appear three or more times consecutively. Therefore, for a 15-character password, the probability of randomly guessing the correct sequence is 1 in 64,847,834,440,785. This calculation is based on the use of the typical standard American QWERTY computer keyboard. The calculation is 26 x 26 x 32 x 10 x 94 x 93 x 94 x 94 x 93 x 94 x 94 x 93 x 94 x 94 x 93 = 64,847,834,440,785. Assuming the first four characters are one from each character set [26 x 26 x 32 x 10], the fifth character can be from the complete set of available characters [94]. Since a character or number cannot appear three or more times consecutively, for the sixth character the set of available characters is decreased by 1 [93]. The seventh and eighth characters again can draw from the complete set of available characters [94 x 94]. Since a character or number cannot appear three or more times consecutively, for the ninth character the set of available characters is decreased by 1 [93]. This pattern continues for the remaining characters in the password.

Guessing the password in 1 minute with probability close to 1 requires 64,847,834,440,785 trials, which is stronger than the one in a million chance required by FIPS 140-2. By default, the maximum number of consecutive failed login attempts is three, and a user failing to log in after the specified number of attempts must wait for one minute before trying again.

Using Anderson's formula to calculate the probability of guessing a password in 1 minute:
P: probability of guessing a password in specified period of time
G: number of guesses tested in 1 time unit
T: number of time units
N: number of possible passwords

Then P >= T x G / N (4.6262E-14 = 1 x 3 / 64,847,834,440,785)

The probability of guessing a password in 1 minute is 4.6262E-14.
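Added example (not part of HP's policy document or of Comware): the Python below checks a candidate password against the composition rules stated above and evaluates Anderson's formula with the policy's own figures. It goes slightly beyond the text by also solving the formula for T; rejecting characters outside the 94-symbol set and the sample passwords are assumptions of the example.

```python
"""Added example: check a password against the composition rules above
and evaluate Anderson's bound with the figures quoted in the policy."""
import math
import string

# Character classes as counted in the policy text (94 symbols in total).
LOWER = set(string.ascii_lowercase)   # 26
UPPER = set(string.ascii_uppercase)   # 26
DIGIT = set(string.digits)            # 10
SPECIAL = set(string.punctuation)     # 32 on a US QWERTY keyboard
ALPHABET = LOWER | UPPER | DIGIT | SPECIAL

MIN_LEN, MAX_LEN = 15, 63             # limits stated in the policy
QUOTED_N = 64_847_834_440_785         # password count quoted in the policy
ONE_IN_A_MILLION = 1e-6               # threshold the policy cites
DEFAULT_GUESSES_PER_MINUTE = 3        # three failed logins, then a 1-minute wait

# Factor list exactly as printed in the policy's calculation.
PRINTED_FACTORS = [26, 26, 32, 10, 94, 93, 94, 94, 93, 94, 94, 93, 94, 94, 93]


def policy_violations(password):
    """Return the list of composition rules the password breaks."""
    problems = []
    if not MIN_LEN <= len(password) <= MAX_LEN:
        problems.append("length")
    # Assumption of this example: symbols outside the 94-character set fail.
    if any(ch not in ALPHABET for ch in password):
        problems.append("charset")
    classes = (("lower", LOWER), ("upper", UPPER),
               ("digit", DIGIT), ("special", SPECIAL))
    for name, members in classes:
        if not any(ch in members for ch in password):
            problems.append("missing-" + name)
    # No character may appear three or more times consecutively.
    triples = zip(password, password[1:], password[2:])
    if any(a == b == c for a, b, c in triples):
        problems.append("triple-repeat")
    return problems


def anderson_bound(guesses_per_unit, time_units, n_passwords):
    """P >= T x G / N, with the symbols defined in the policy."""
    return time_units * guesses_per_unit / n_passwords


def one_minute_bound():
    """The policy's own case: G = 3 guesses, T = 1 minute, N as quoted."""
    return anderson_bound(DEFAULT_GUESSES_PER_MINUTE, 1, QUOTED_N)


def minutes_to_reach(threshold, guesses_per_minute=DEFAULT_GUESSES_PER_MINUTE,
                     n_passwords=QUOTED_N):
    """Solve the same formula for T: sustained guessing time at which the
    bound first equals the given threshold."""
    return threshold * n_passwords / guesses_per_minute


def printed_factor_product():
    """Multiply out the factor list as printed. The result is larger than
    QUOTED_N, so bounds computed from QUOTED_N are the more conservative."""
    return math.prod(PRINTED_FACTORS)


if __name__ == "__main__":
    # Constructed sample passwords, not taken from any device.
    for sample in ("Tr1ckyPassw0rd!x", "Short1!a", "Aaaa1!bcdefghijk"):
        print(sample, policy_violations(sample) or "ok")
    print("1-minute bound: %.4E" % one_minute_bound())
    years = minutes_to_reach(ONE_IN_A_MILLION) / (60 * 24 * 365)
    print("years of 3 guesses/minute to reach 1e-6: %.1f" % years)
```

The guess rate of three per minute only holds while the lockout described above is enforced on every management interface; the bound scales linearly with any higher rate.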
To provide additional password security, Comware 7.1 provides additional limits to the number of consecutive failed login attempts. If an FTP or VTY user fails authentication, the system adds the user to a password control blacklist. If a user fails to provide the correct password after the specified number of consecutive attempts, the system can take one of the following actions, based on the administrator's choice:
- Blocks the user's login attempts until the user is manually removed from the password control blacklist.
- Blocks the user's login attempts within a configurable period of time, and allows the user to log in again after the period of time elapses or the user is removed from the password control blacklist.

HP Networking devices can also use certificate credentials using 2048 bit RSA keys and SHA-256; in such a case the security strength is 112 bits, so an attacker would have a 1 in 2^112 chance of a successful authentication, which is much stronger than the one in a million chance required by FIPS 140-2.

The users who try to log in or switch to a different user privilege level can be authenticated by RADIUS and TACACS+ Server. The minimum password length is 15 characters, and the maximum is 63. Therefore, for a 15-character password, the probability of randomly guessing the correct sequence is one in 64,847,834,440,785. The device (RADIUS client) and the RADIUS server use a shared key to authenticate RADIUS packets and encrypt user passwords exchanged between them. For more details, see RFC 2865: 3 Packet Format Authenticator field and 5.2 User-password.

Role-based access control

In Comware 7.1.045, the command and resource access permissions are assigned to roles. Users are given permission to access a set of commands and resources based on the users' user roles. Each user can have one or more roles.
6 Cryptographic Algorithms

6.1 FIPS Approved Cryptographic Algorithms

The following table lists the FIPS-Approved algorithms HP Networking devices provide.

Table 7 FIPS-Approved Cryptography Algorithms

| Algorithm | Bits of Security | Application | Certificate |
|---|---|---|---|
| AES-128, AES-192, AES-256 | 128, 192, 256 | Kernel - Encryption/decryption | #2988, #2985 |
| AES-128, AES-192, AES-256 | 128, 192, 256 | Encryption/decryption | #2989, #2945 |
| SHA-1 | 80 | Kernel - Hashing | #2509, #2506 |
| SHA-1, SHA-224, SHA-256, SHA-384, SHA-512 | 80, 112, 128, 192, 256 | Hashing | #2510, #2481 |
| HMAC SHA-1 | 160 | Kernel - Message Authentication | #1894, #1891 |
| HMAC SHA-1, HMAC SHA-224, HMAC SHA-256, HMAC SHA-384, HMAC SHA-512 | 160, 224, 256, 384, 512 | Message Authentication | #1895, #1868 |
| RSA-SHA1 | 80 | Digital Signature Verification | #1566, #1548 |
| RSA-SHA224, RSA-SHA256, RSA-SHA384, RSA-SHA512 | 112 (RSA-2048) | Key Pair Generation, Digital Signature Generation, Digital Signature Verification | #1566, #1548 |
| DSA-SHA1 | 80 | Digital Signature Verification | #888, #877 |
| DSA-SHA224, DSA-SHA256, DSA-SHA384, DSA-SHA512 | 112 (DSA-2048) | Key Pair Generation, Digital Signature Generation, Digital Signature Verification | #888, #877 |
| CTR DRBG | | Random bits generation | #571, #548 |
| SP 800-135 KDFs | | IKEv1, SSH, SNMP [1] | #364, #343 |

6.2 FIPS Allowed Cryptographic Algorithms

The following table contains the set of FIPS Allowed cryptographic algorithms that can also be used in FIPS mode.

Table 8 FIPS-Allowed Cryptography Algorithms

| Algorithm | Bits of Security | Application |
|---|---|---|
| Diffie-Hellman 2048 | 112 | Key Agreement |
| RSA 2048 | 112 | Key Agreement, Key Wrapping |

6.3 Non-FIPS Approved Cryptographic Algorithms

The following table contains the set of non-FIPS Approved algorithms that are implemented but may not be used when operating in FIPS mode.
These algorithms are used in non-FIPS mode.

Table 9 Non-FIPS Approved Cryptography Algorithms

| Algorithm | Application |
|---|---|
| DES | Encryption/decryption |
| Diffie-Hellman (<2048-bits) | Key Agreement |
| RC4 | Encryption/decryption |
| MD5 | Hashing |
| HMAC MD5 | Message Authentication |
| RSA (<2048-bits) | Key Pair Generation, Digital Signature Generation, Digital Signature Verification, Key Agreement, Key Wrapping |
| DSA (<2048-bits) | Key Pair Generation, Digital Signature Generation, Digital Signature Verification |

[1] These protocols have not been reviewed or tested by the CAVP and CMVP

7 Cryptographic Key Management

7.1 Cryptographic Security Parameters

The security appliances use a variety of Critical Security Parameters (CSP) during operation. The following table lists the CSP including cryptographic keys used by the HP Networking devices. It summarizes generation, storage, and zeroization methods for the CSP.

Table 10 Cryptographic Security Parameters

| # | Key/CSP Name | Algorithm | Key Size | Description | Storage | Zeroization |
|---|---|---|---|---|---|---|
| Public key management | | | | | | |
| CSP1-1 | RSA private key | RSA | 2048 bits | Identity certificates for the security appliance itself. | FLASH (cipher text / AES256) | Using CLI command to zeroize. |
| CSP1-2 | DSA private key | DSA | 2048 bits | Identity certificates for the security appliance itself. | FLASH (cipher text / AES256) | Using CLI command to zeroize |
| CSP1-3 | Public keys | DSA/RSA | 1024 bits ~ 2048 bits | Public keys of peers to validate the digital signature | FLASH (plain text) | Delete public keys of peers from configuration, write to startup config |
| IPsec | | | | | | |
| CSP2-1 | IPsec authentication keys | HMAC-SHA1 | 160 bits | Used to authenticate the IPsec traffic | RAM (plain text) | Automatically when session expires. |
| CSP2-2 | IPsec encryption keys | AES | 128 bits, 192 bits, 256 bits | Used to encrypt the IPsec traffic | RAM (plain text) | Automatically when session expires. |
| CSP2-3 | IKE pre-shared keys | Shared Secret | 6 ~ 128 bytes | Entered by the Crypto-Officer in plain text form and used for authentication during IKE | FLASH (cipher text / AES-CTR-256) and RAM (cipher text / AES-CTR-256) | Using CLI command to zeroize |
| CSP2-4 | IKE Authentication key | HMAC-SHA1 | 160 bits | Used to authenticate IKE negotiations | RAM (plain text) | Automatically when session expires. |
| CSP2-5 | IKE Encryption Key | AES | 128 bits, 192 bits, 256 bits | Used to encrypt IKE negotiations | RAM (plain text) | Automatically when session expires. |
| CSP2-6 | IKE RSA Authentication private Key | RSA | 2048 bits | private key used for IKE protocol during the handshake | RAM (plain text) | Automatically when handshake finishing |
| CSP2-7 | IKE DSA Authentication private Key | DSA | 2048 bits | private key used for IKE protocol during the handshake | RAM (plain text) | Automatically when handshake finishing |
| CSP2-8 | IKE Diffie-Hellman Key Pairs | Diffie-Hellman | 2048 bits | Key agreement for IKE | RAM (plain text) | Automatically when handshake finishing |
| SSH | | | | | | |
| CSP3-1 | SSH RSA Private key | RSA | 2048 bits | private key used for SSH protocol | RAM (plain text) | Automatically when handshake finishing |
| CSP3-2 | SSH Diffie-Hellman Key Pairs | Diffie-Hellman | 2048 bits | Key agreement for SSH sessions. | RAM (plain text) | Automatically when handshake finishing |
| CSP3-3 | SSH Session Key | AES | 128 bits, 256 bits | SSH session symmetric key | RAM (plain text) | Automatically when SSH session terminated |
| CSP3-4 | SSH Session authentication Key | HMAC-SHA1 | 160 bits | SSH session authentication key | RAM (plain text) | Automatically when SSH session terminated |
| AAA | | | | | | |
| CSP4-1 | Crypto-Officer Password | Secret | 15 ~ 63 bytes | Used to authenticate the administrator role. | FLASH (cipher text / AES256) | Using CLI command to zeroize |
| CSP4-2 | User Password | Secret | 15 ~ 63 bytes | Used to authenticate the user role. | FLASH (cipher text / AES256) | Using CLI command to zeroize |
| CSP4-3 | RADIUS shared secret keys | Shared Secret | 15 ~ 64 bytes | Used for authenticating the RADIUS server to the security appliance and vice versa. | FLASH (cipher text / AES256) | Using CLI command to zeroize |
| CSP4-4 | TACACS+ shared secret keys | Shared Secret | 15~255 bytes | Used for authenticating the TACACS+ server to the security appliance and vice versa. | FLASH (cipher text / AES256) | Using CLI command to zeroize |
| Entropy | | | | | | |
| CSP5-1 | DRBG entropy input | SP 800-90 CTR_DRBG | 256 bits | Entropy source used to construct seed | RAM (plaintext) | Resetting or rebooting the security appliance |
| Random Bits Generation | | | | | | |
| CSP6-1 | DRBG seed | SP 800-90 CTR_DRBG | 384 bits | Input to the DRBG that determines the internal state of the DRBG | RAM (plaintext) | Resetting or rebooting the security appliance |
| CSP6-2 | DRBG V | SP 800-90 CTR_DRBG | 128 bits | Generated by entropy source via the CTR_DRBG derivation function. It is stored in DRAM with plaintext form | RAM (plaintext) | Resetting or rebooting the security appliance |
| CSP6-3 | DRBG Key | SP 800-90 CTR_DRBG | 256 bits | DRBG key used for SP 800-90 CTR_DRBG | RAM (plaintext) | Resetting or rebooting the security appliance |
| SNMPv3 | | | | | | |
| CSP7-1 | SNMPv3 Authentication Key | SHA1 | 160 bits | Used to verify SNMPv3 packet. | FLASH (cipher text / AES256), RAM (plain text) | Using CLI command to zeroize |
| CSP7-2 | SNMPv3 Encryption Key | AES | 128 bits | Used to encrypt SNMPv3 packet. | FLASH (cipher text / AES256), RAM (plain text) | Using CLI command to zeroize |
| System KEK | | | | | | |
| CSP8-1 | Key encrypting key | AES | 256 bits | Used to encrypt all private key, user password, and pre-shared key stored on internal storage. The KEK is generated using some random bytes, | RAM (plain text) | Zeroized when Resetting or rebooting the security appliance |

7.2 Access Control Policy

The services accessing the CSPs, the type of access and which role accesses the CSPs are listed below. The types of access are: read (r), write (w), and delete (d).

Table 11 Access by Service for Crypto Officer

Columns: Service Access/CSP; Security management; Network functions; Configuration functions

PKI
CSP1-1   r   wd   wd
CSP1-2   r   wd   wd
CSP1-3   r   wd   wd
IPsec
CSP2-1   rwd   d
CSP2-2   rwd   d
CSP2-3   r   wd   wd
CSP2-4   rwd   d
CSP2-5   rwd   d
CSP2-6   rd   d
CSP2-7   rd   d
CSP2-8   rd   d
SSH
CSP3-1   rd   d
CSP3-2   rwd   d
CSP3-3   rwd   d
CSP3-4   rwd   d
AAA
CSP4-1   rwd   wd   wd
CSP4-2   r   wd   wd
CSP4-3   r   wd   wd
CSP4-4   r   wd   wd
Entropy
CSP5-1   rw   r
Random Bits Generation
CSP6-1   r   r
CSP6-2   r   r
CSP6-3   r   r
SNMPv3
CSP7-1   r   wd   wd
CSP7-2   r   wd   wd
System KEK
CSP8-1   r   r   r

Table 12 Access by Service for User role

Columns: Service Access/CSP; Network functions; Configuration functions

Public key management
CSP1-1   r
CSP1-2   r
CSP1-3   r
IPsec
CSP2-1   rwd
CSP2-2   rwd
CSP2-3   r
CSP2-4   rwd
CSP2-5   rwd
CSP2-6   rd
CSP2-7   rd
CSP2-8   rd
SSH
CSP3-1   rd
CSP3-2   rwd
CSP3-3   rwd
CSP3-4   rwd
AAA
CSP4-1   rwd
CSP4-2   r
CSP4-3   r
CSP4-4   r
Entropy
CSP5-1   rw
Random Bits Generation
CSP6-1   r
CSP6-2   r
CSP6-3   r
SNMPv3
CSP7-1   r
CSP7-2   r
System KEK
CSP8-1   r   r

8 Self-Tests

HP Networking devices include an array of self-tests that are run during startup and during operations to prevent any secure data from being released and to ensure all components are functioning correctly.

8.1 Power-On Self-Tests

The following table lists the power-on self-tests implemented by the switches. The switches perform all power-on self-tests automatically at boot. All power-on self-tests must be passed before any role can perform services. The power-on self-tests are performed prior to the initialization of the forwarding function, which prevents the security appliance from passing any data during a power-on self-test failure.

Table 13 Power-On Self-Tests

Implementation: Security Appliance Software
Tests Performed:
- Software/firmware Test (non-Approved RSA 2048 with SHA-256 which acts as a 256 bit EDC)
- DSA signature/verification PWCT
- RSA signature/verification KAT
- RSA signature/verification PWCT
- RSA encryption/decryption PWCT
- Kernel AES encrypt KAT / AES decrypt KAT
- AES encrypt KAT / AES decrypt KAT
- Kernel SHA-1 KAT
- SHA-1 KAT
- SHA224 KAT
- SHA256 KAT
- SHA384 KAT
- SHA 512 KAT
- Kernel HMAC SHA-1 KAT
- HMAC SHA-1 KAT
- HMAC SHA224 KAT
- HMAC SHA256 KAT
- HMAC SHA384 KAT
- HMAC SHA 512 KAT
- CTR DRBG KAT

8.2 Conditional Self-Tests

The following table lists the conditional self-tests implemented by the switches. Conditional self-tests run when a switch generates a DSA or RSA key pair and when it generates a random number.
Table 14 Conditional Self-Tests

Implementation: Security Appliance Software
Tests Performed:
- Pairwise consistency test for RSA
- Pairwise consistency test for DSA
- Continuous Random Number Generator Test for the FIPS-approved RNG (CTR DRBG)
- Continuous Random Number Generator Test for entropy source (NDRNG)
- Firmware load using an Approved RSA 2048 with SHA-256

9 Delivery and Operation

9.1 Secure Delivery

To ensure no one has tampered with the goods during delivery, inspect the Networking switch physical package and check as follows:

1. Outer Package Inspection
   1) Check that the outer carton is in good condition.
   2) Check the package for a HP Quality Seal or IPQC Seal, and ensure that it is intact.
   3) Check that the IPQC seal on the plastic bag inside the carton is intact.
   4) If any check failed, the goods shall be treated as dead-on-arrival (DOA) goods.
2. Packing List Verification
   Check against the packing list for discrepancy in material type and quantity. If any discrepancy is found, the goods shall be treated as DOA goods.
3. External Visual Inspection
   Inspect the cabinet or chassis for any defects, loose connections, damages, and illegible marks. If any surface defect or material shortage is found, the goods shall be treated as DOA goods.
4. Confirm Software/firmware
   1) Version verification
      To verify the software version, start the appliance, view the self-test result during startup, and use the display version command to check the software version. For the 5900CP, "HP Comware Software, Version 7.1.045, Release R2311P03" indicates it is a FIPS 140-2 and CC certification version. For the 12910, "HP Comware Software, Version 7.1.045, Release 1005P10" indicates it is a FIPS 140-2 and CC certification version. If software loading failed or the version information is incorrect, please contact HP for support.
   2) RSA with SHA-256 verification
      To verify that the software/firmware has not been tampered with, run the SHA hash command on the appliance. If the hash value differs from the one in the release notes for this software, contact HP for support. To get the release notes, visit the HP website.
5. DOA (Dead on Arrival)
   If the package is damaged, or any label/seal is incorrect or tampered with, stop unpacking the goods, retain the package, and report to HP for further investigation. The damaged goods will be replaced if necessary.

9.2 Secure Operation

The rules for securely operating an HP Networking switch in FIPS mode are:

1. Install and connect the device according to the installation and configuration guides.
2. Start the device, and enter the configuration interface.
3. Check and configure the clock.
4. By default, the device does not run in FIPS mode. Enable the device to work in FIPS mode using the fips mode enable command in system view. This allows the switch to internally enforce FIPS-compliance behavior, such as running the power-up self-test and conditional self-test.
5. Set up username/password for crypto officer role. The password must comprise no less than 15 characters and must contain uppercase and lowercase letters, digits, and special characters.
6. Save the configurations and re-start the device.

The device works in FIPS mode after restarting:

1. Configure the security appliance to use SSHv2.

An operator can determine whether a switch is in FIPS mode with the command display fips status. When in FIPS mode:

1. The FTP/TFTP server is disabled.
2. The Telnet server is disabled.
3. The HTTP server is disabled.
4. SNMP v1 and SNMP v2c are disabled. Only SNMP v3 is available.
5. The SSH server does not support SSHv1 clients.
6. Generated RSA/DSA key pairs have a modulus length of 2048 bits.
7. SSHv2, SNMPv3, IPsec and SSL do not support Non-FIPS approved cryptographic algorithms.
10 Physical Security Mechanism

FIPS 140-2 Security Level 2 Physical Security requirements mandate that a cryptographic module have an opaque enclosure with tamper-evident seals for doors or removable covers. HP Networking devices include both appliance and chassis models. The tamper-evident seals and opacity shields shall be installed for the module to operate in a FIPS Approved mode of operation. All Networking devices need tamper-evident seals to meet the Physical Security requirements. Only the HP FlexFabric 5900CP needs an opacity shield.

The Crypto Officer is responsible for properly placing all tamper evident labels on a device and is responsible for the securing and control of any unused seals and opacity shields. The Crypto Officer shall clean the module of any grease, dirt, or oil before applying the tamper-evident labels or opacity shields. The Crypto Officer is also responsible for the direct control and observation of any changes to the modules such as reconfigurations where the tamper-evident labels or opacity shields are removed or installed to ensure the security of the module is maintained during such changes and the module is returned to a FIPS approved state.

The security labels recommended for FIPS 140-2 compliance are provided in the FIPS Kit. These security labels are very fragile and cannot be removed without clear signs of damage to the labels.

All units use the same label kits:

| Label Kit - Description | Label Kit - Part Number |
|---|---|
| HP 12mm x 60mm Tamper-Evidence (30) Labels | JG585A |
| HP 12mm x 60mm Tamper-Evidence (100) Labels | JG586A |

The opacity kit for each product model is below:

5900CP series

| Unit | Opacity Kit - Description | Opacity kit - Part Number |
|---|---|---|
| HP FlexFabric 5900CP-48XG-4QSFP+ Switch | HP FlexFabric 5900CP-48XG-4QSFP+ Switch Opacity Shield Kit | JG719A |

Each modular switch is entirely encased by a thick steel chassis.
The HP FlexFabric 12910 Switch has slots for switching fabric cards. On-board LAN connectors and console connectors are provided on the MPU board. Power cable connection and a power switch are provided on the power supplies. The individual modules that comprise the switch may be removed to allow access to the internal components of each module.

Any chassis slot that is not populated with a module must have a slot cover installed in order to operate in a FIPS compliant mode. The slot covers are included with each chassis, and additional slot covers may be ordered from HP. Use the procedure described in FIPS enclosure install instruction to apply tamper evident labels to the switch.

The Crypto Officer should inspect the tamper evident labels periodically to verify they are intact and the serial numbers on the applied tamper evident labels match the records in the security log. If evidence of tampering is found with the TELs, the module must immediately be powered down and all administrators must be made aware of a physical security breach in compliance with the local site policies and procedures for dealing with this type of incident.

11 Mitigation of Other Attacks

The Security appliances do not claim to mitigate any attacks in a FIPS approved mode of operation.

12 Documentation References

12.1 Obtaining documentation

You can access the HP Networking products page: http://h17007.www1.hp.com/us/en/ , where you can obtain the up-to-date documents of HP Routers and Switches, such as datasheet, installation manual, configuration guide, command reference, and so on.
12.2 Technical support

For technical or sales related questions, please refer to the contacts list on the HP website: http://www.HP.com. The actual support website is: http://www8.hp.com/us/en/support-drivers.html