Chapter 1: Features and Benefits
5
Strong 256 Bit AES Encryption
The SX II utilizes the Advanced Encryption Standard (AES)
encryption for added security. 128- and 256-bit AES encryption is
available. AES is a U.S. government-approved cryptographic
algorithm that is recommended by the National Institute of Standards
and Technology (NIST) in the FIPS Standard 197.
Validated FIPS 140-2
Cryptographic Module
For government, military and other high security applications, the
Dominion SX II utilizes a validated FIPS 140-2 Cryptographic Module
for enhanced encryption. Modules tested and validated as
conforming to FIPS 140-2 are accepted by federal agencies of the
U.S. and Canada for the protection of sensitive information.
Enhanced Encryption Options
Support more encryption options: web-browser security through 256
and 128-bit SSL encryption; for SSHv2 connections, AES and 3DES
are supported (client-dependent).
Security - Authentication
External authentication with
LDAP, Radius, TACACS & Active
Directory
Dominion SX II integrates with industry-standard directory servers,
such as Microsoft Active Directory, using the LDAP, RADIUS and
TACACS protocols. This allows Dominion SX II to use pre-existing
username/password databases for security and convenience.
SecureID is supported via RADIUS for added security.
Upload Customer-Provided SSL
Certificates
Customers can upload to the Dominion SX II digital certificates (self-
signed or certificate authority provided) for enhanced authentication
and secure communication.
Configurable Strong Password
Checking
The Dominion SX II has administrator-configurable, strong password
checking to ensure that user-created passwords meet corporate
and/or government standards and are resistant to brute force
hacking.
Configurable Security Banner
For government, military and other security-conscious customers
requiring a security message before user login, the SX II can display
a user-configurable banner message and require acceptance before
user login.
SSH Client Certificate
Authentication
In addition to authentication via login/password, on the SSH interface
users can be authenticated via SSH certificates. Each local user can
be assigned up to 10 SSH keys. The key authentication takes the
place of the login/password
Local Authentication with Users,
Groups and Permissions
In addition to external authentication, the Dominion SX II supports
local authentication. Administrators can define users and groups with
customizable administration and port access permissions.
Login and Password Security
The SX II includes multiple login and password security features
including password aging, idle timeout, user blocking and login
limitations. Failed login attempts can be result in lockouts and user
deactivation.
SHA-2 Certificate Support
Support for the more secure SHA-2 certificates.
Summary of Contents for Dominion SX II
Page 75: ...Chapter 5 Raritan Serial Console RSC Help 68 2 Click Yes when prompted to confirm...
Page 130: ...Chapter 6 SX II Administration 123 6 Click OK...
Page 165: ...Chapter 6 SX II Administration 158 17 Click OK Apply Settings to Other Ports...
Page 260: ...253 Dominion SX II Overview Appendix C FAQs...
Page 267: ...Appendix C FAQs 260 Installation Management Configuration...