McAfee OFFICE 3.1 Especificaciones descargar pdf (Pagina 126)

Appendix

126 |

Appendix

Making Endpoint Encryption for Files and Folders FIPS

Compliant

The following procedures must be followed to operate McAfee Endpoint Encryption for

Files and Folders cryptographic module in a FIPS Approved mode:

McAfee Endpoint Encryption for Files and Folders must be installed using a

FIPS approved algorithm. The validated version of McAfee Endpoint Encryption

for Files and Folders presents AES-256 as the only option for the encryption

algorithm. The AES-256 encryption algorithm is certified for use in FIPS 140-2

implementations.

The module software must be operating in “FIPS” mode. This is done by

setting the FIPS registry key value from 0 (disabled) to 1 (enabled). The first

step is to create a FIPS registry script (see Appendix A for details). Once the

file is created

right click on the newly created .reg file and select merge from

the drop down menu.

To verify that the registry has been updated properly the user must install a

registry editor and navigate to

the following paths and verify that “FipMode is

set to 1”:

•

Windows 2000 and XP - HKEY_LOCAL_MACHINE\SOFTWARE\SafeBoot

International\SafeBoot Content Encryption\Verifier

• HKEY_LOCAL_MACHINE\SOFTWARE\SafeBoot

International\SafeBoot Content Encryption\Verifier

The PC used to run McAfee Endpoint Encryption for Files and Folders must be built

using production grade components and configured in a single operator mode. To do

this, the following operating system services must be disabled:

• Fast user switching

• Terminal services

• Remote registry service

• Secondary logon service

• Telnet service

• Remote desktop and Remote assistance services

1 2 ... 121 122 123 124 125 126 127 128 129 130 131 ... 134 135

Sin comentarios

McAfee OFFICE 3.1 Especificaciones Pagina 126