VT iDirect, Inc.
Secure Satellite Broadband Solutions
Modules Names: Evolution e8350 – Satellite Router [1], iConnex e800 –Satellite Router Board    [2],
iConnex e850MP – Satellite Router Board [3], iConnex e850MP-IND Satellite Router Board         [4],
iConnex e850MP-IND with Heat Sink Satellite Router Board [5], Evolution eM1D1 – Line Card      [6],
and Evolution eM0DM – Line Card [7]
Firmware Version: iDX version 2.3.1
Hardware Versions: E0000051-0003 [1], E0001340-0002 [2], E0000731-0001 [3], E0000731-0002      [4],
E0000731-0003 [5], E0000080-0002 [6], and E0000080-0005 [7]

FIPS 140-2 Non-Proprietary Security Policy
FIPS Security Level: 1
Document Version: 1.2




                         Prepared for:                          Prepared by:




                   VT iDirect, Inc.                         Corsec Security, Inc.
           13921 Park Center Road, Suite 600   13135 Lee Jackson Memorial Highway, Suite 220
                  Herndon, VA 20171                            Fairfax, VA 22033
               United States of America                     United States of America

               Phone: +1 (866) 345-0983                   Phone: +1 (703) 267-6050
                http://www.idirect.net                     http://www.corsec.com
Security Policy, Version 1.2                                                                                                                                                April 15, 2012




Table of Contents
1      INTRODUCTION ................................................................................................................... 4
       1.1 PURPOSE ................................................................................................................................................................ 4
       1.2 REFERENCES .......................................................................................................................................................... 4
       1.3 DOCUMENT ORGANIZATION ............................................................................................................................ 4
2      SECURE SATELLITE BROADBAND SOLUTIONS ............................................................ 5
       2.1 OVERVIEW ............................................................................................................................................................. 5
       2.2 MODULE SPECIFICATION ..................................................................................................................................... 7
       2.3 MODULE INTERFACES .......................................................................................................................................... 8
       2.4 ROLES, SERVICES, AND AUTHENTICATION .....................................................................................................10
            2.4.1 Crypto-Officer Role.............................................................................................................................................. 10
            2.4.2 User Role ................................................................................................................................................................ 11
            2.4.3 Client User Role ................................................................................................................................................... 11
            2.4.4 Services ................................................................................................................................................................... 11
       2.5 PHYSICAL SECURITY ...........................................................................................................................................26
       2.6 OPERATIONAL ENVIRONMENT.........................................................................................................................28
       2.7 CRYPTOGRAPHIC KEY MANAGEMENT ............................................................................................................28
       2.8 SELF-TESTS ..........................................................................................................................................................32
            2.8.1 Power-Up Self-Tests ............................................................................................................................................ 32
            2.8.2 Conditional Self-Tests ......................................................................................................................................... 33
       2.9 DESIGN ASSURANCE ..........................................................................................................................................33
       2.10 MITIGATION OF OTHER ATTACKS ..................................................................................................................33
3      SECURE OPERATION ......................................................................................................... 34
       3.1 CRYPTO-OFFICER GUIDANCE ..........................................................................................................................34
           3.1.1 Initialization ........................................................................................................................................................... 34
           3.1.2 Management ........................................................................................................................................................ 34
       3.2 USER GUIDANCE ................................................................................................................................................35
       3.3 CLIENT USER GUIDANCE ..................................................................................................................................35
4      ACRONYMS .......................................................................................................................... 36

Table of Figures
FIGURE 1 – IDIRECT NETWORK DEPLOYMENT .....................................................................................................................5
FIGURE 2 – CRYPTOGRAPHIC MODULE BLOCK DIAGRAM..................................................................................................8
FIGURE 3 – E8000 SERIES ENCLOSURE................................................................................................................................. 26
FIGURE 4 – ICONNEX E800 SATELLITE ROUTER BOARD .................................................................................................. 27
FIGURE 5 – ICONNEX E850MP SATELLITE ROUTER BOARD ............................................................................................ 27
FIGURE 6 – EVOLUTION EM1D1 LINE CARD ..................................................................................................................... 28

List of Tables
TABLE 1 – SECURITY LEVEL PER FIPS 140-2 SECTION ..........................................................................................................6
TABLE 2 – MAPPING OF THE E800 AND E8350 PHYSICAL PORTS ......................................................................................8
TABLE 3 – MAPPING OF THE E850MP, E850MP-IND, AND E850MP-IND WITH HEAT SINK PHYSICAL PORTS ........9
TABLE 4 – MAPPING OF THE EM1D1 AND EM0DM PHYSICAL PORTS ..............................................................................9
TABLE 5 – FIPS 140-2 LOGICAL INTERFACES ..................................................................................................................... 10
TABLE 6 – MAPPING OF GENERAL SERVICES TO ROLES, CSPS, AND TYPE OF ACCESS ................................................ 11
TABLE 7 – MAPPING OF LINE CARD SPECIFIC SERVICES TO ROLES, CSPS, AND TYPE OF ACCESS ............................. 18
TABLE 8 – MAPPING OF REMOTE PLATFORM SPECIFIC SERVICES TO ROLES, CSPS, AND TYPE OF ACCESS............... 20
TABLE 9 – MAPPING OF CLIENT USER ROLE'S SERVICES TO INPUTS, OUTPUTS, CSPS, AND TYPE OF ACCESS ........ 26
TABLE 10 – FIPS-APPROVED ALGORITHM IMPLEMENTATIONS ........................................................................................ 28
VT iDirect Secure Satellite Broadband Solutions                                                                                                                               Page 2 of 38
                                                       © 2012 VT iDirect, Inc.
                 This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                                                                April 15, 2012



TABLE 11 – LIST OF CRYPTOGRAPHIC KEYS, CRYPTOGRAPHIC KEY COMPONENTS, AND CSPS .............................. 29
TABLE 12 – ACRONYMS ........................................................................................................................................................ 36




VT iDirect Secure Satellite Broadband Solutions                                                                                                               Page 3 of 38
                                                       © 2012 VT iDirect, Inc.
                 This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012




              1                          Introduction
1.1 Purpose
This is a non-proprietary Cryptographic Module Security Policy for the following cryptographic modules
from VT iDirect, Inc.:
    • Evolution e8350TM - Satellite Router (Part #E0000051-0003)
    • iConnex e800TM - Satellite Router Board (Part # E0001340-0002)
    • iConnex e850MPTM - Satellite Router Board (Part # E0000731-0001, E0000731-0002, E0000731 -
        0003)
    • Evolution eM1D1TM - Line Card (Part #E0000080-0002)
    • Evolution eM0DMTM - Line Card (Part #E0000080-0005)

This Security Policy describes how the modules listed above meet the security requirements of Federal
Information Processing Standards (FIPS) Publication 140-2, which details the U.S. and Canadian
Government requirements for cryptographic modules. More information about the FIPS 140-2 standard
and validation program is available on the National Institute of Standards and Technology (NIST) and the
Communications Security Establishment Canada (CSEC) Cryptographic Module Validation Program
(CMVP) website at http://csrc.nist.gov/groups/STM/cmvp.

This document also describes how to run the modules in a secure FIPS-Approved mode of operation. This
policy was prepared as part of the Level 1 FIPS 140-2 validation of the modules. The Evolution e8350
Satellite Router, iConnex e800 Satellite Router Board, iConnex e850MP Satellite Router Board, iConnex
e850MP-IND Satellite Router Board, iConnex e850MP-IND with Heat Sink Satellite Router Board,
Evolution eM1D1 Line Card, and Evolution eM0DM Line Card are collectively referred to in this
document as Secure Satellite Broadband Solutions, cryptographic modules, or modules.

1.2 References
This document deals only with operations and capabilities of the module in the technical terms of a FIPS
140-2 cryptographic module security policy. More information is available on the module from the
following sources:
     • The VT iDirect website (http://www.idirect.net) contains information on the full line of products
        from VT iDirect.
     • The CMVP website (http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm)
        contains contact information for individuals to answer technical or sales-related questions for the
        module.

1.3 Document Organization
The Security Policy document is one document in a FIPS 140-2 Submission Package. In addition to this
document, the Submission Package contains:
    • Vendor Evidence document
    • Finite State Model document
    • Other supporting documentation as additional references

This Security Policy and the other validation submission documentation were produced by Corsec Security,
Inc. under contract to VT iDirect. With the exception of this Non-Proprietary Security Policy, the FIPS
140-2 Submission Package is proprietary to VT iDirect and is releasable only under appropriate non-
disclosure agreements. For access to these documents, please contact VT iDirect.



VT iDirect Secure Satellite Broadband Solutions                                                                          Page 4 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012




              2                         Secure Satellite Broadband Solutions

2.1 Overview
VT iDirect’s satellite-based IP1 communications technology enables constant connectivity for voice, video,
and data applications in any environment. VT iDirect has developed the leading TRANSEC-compliant
bandwidth-efficient satellite platforms for government and military communications. The Secure Satellite
Broadband Solutions have uses across a wide range of applications, including maritime connectivity,
aeronautical connectivity, military defense, and emergency relief.

VT iDirect Secure Satellite Broadband Solutions support a deterministic Time Division Multiple Access
(TDMA) upstream carrier and DVB-S22 downstream carrier. The VT iDirect TDMA network is optimized
for satellite transmissions, squeezing the maximum performance out of the bandwidth provided by satellite
links. The system is fully integrated with VT iDirect’s Network Management System that provides
configuration and monitoring functions. The VT iDirect network components consist of the Network
Management Server, Protocol Processor, Hub Line Card, and the Ethernet switch with remote modem. In a
star topology, the protocol processor acts as the central network controller, the Hubl Line Card is
responsible for the hub side modulation and demodulation (modem) functions, and the remote modem
provides modem functionalities for the Ethernet switch. A common deployment of the VT iDirect network
components is shown below.




                                     Figure 1 – iDirect Network Deployment

1
    IP – Internet Protocol
2
    DVB-S2 – Digital Video Broadcast - Satellite - Second Generation
VT iDirect Secure Satellite Broadband Solutions                                                                          Page 5 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012




VT iDirect’s hardware modules offer the Transmission Security (TRANSEC) feature that enables
encryption to all Data Link Layer traffic including all control and management data flowing between the
ULC and Remote modem using the Advanced Encryption Standard (AES). VT iDirect achieves full
TRANSEC compliance by presenting to an adversary eavesdropping on the RF3 link a constant wall of
fixed-sized, strongly-encrypted traffic segments, the frequency of which do not vary with network activity.
All network messages, including those that control the admission of a remote terminal into the TRANSEC
network, are encrypted and their original size is hidden. The content and size of all user traffic (Layer 3
and above), as well as all network link layer traffic (Layer 2), is completely indeterminate from an
adversary’s perspective. In addition, no higher-layer information can be ascertained by monitoring the
physical layer (Layer 1) signal. VT iDirect TRANSEC includes a remote-to-hub and a hub-to-remote
authentication protocol, based on X.509 certificates, designed to prevent man-in-the-middle attacks. This
authentication mechanism prevents an adversary’s remote from joining a VT iDirect TRANSEC network.
In a similar manner, it prevents an adversary from coercing a TRANSEC remote into joining the
adversary’s network.

TRANSEC is managed by the module firmware. A key set is created for each TRANSEC controller and all
participants in a Star network then share their exclusive key set. Encryption of data occurs in FPGA4
firmware. TRANSEC encrypts all data in Layer 2, so even the High-level Data Link Control (HDLC)
sources and destinations of packets are encrypted. Multicast and broadcast data is also encrypted. Since
the key set is shared among the network, every member of the network can receive and decrypt all data.
TRANSEC is designed to prevent traffic analysis by outside parties.

Link Encryption occurs completely in the module firmware. Each remote and its counter-part layer in the
protocol processor creates a transmit key (Link Encryption Key, See Table 11) and distributes this to its
peer, using the same key transport method as TRANSEC. Link Encryption is point-to-point, so each
remote has a unique key for receiving and transmitting data. Layer 2 data, such as source and destination
link addresses, is not encrypted. When used without TRANSEC, broadcast and multicast traffic is not
encrypted. Therefore, link level information, such as HDLC destinations, is not protected by Link
Encryption.

The cryptographic modules provide secure traffic routing services. The platforms for the cryptographic
modules are Printed Circuit Boards (PCBs) for the following:
       • Evolution e8350TM Satellite Router (Part # E0000051-0003)
       • iConnex e800TM Satellite Router Board (Part # E0001340-0002)
       • iConnex e850MPTM Satellite Router Board (Part # E0000731-0001, E0000731-0002, E0000731-
         0003)
       • Evolution eM1D1TM Line Card (Part # E0000080-0002)
       • Evolution eM0DMTM Line Card (Part # E0000080-0005)

The module firmware runs on version 2.6.17.8-uc0-iDirect0of the Linux Operating System (OS) for all the
platforms. The Secure Satellite Broadband Solutions are validated at the following FIPS 140-2 Section
levels:
                                Table 1 – Security Level per FIPS 140-2 Section

                           Section                        Section Title                          Level
                               1       Cryptographic Module Specification                           1
                               2       Cryptographic Module Ports and Interfaces                    1


3
    RF – Radio Frequency
4
    FPGA – Field Programmable Gate Array
VT iDirect Secure Satellite Broadband Solutions                                                                          Page 6 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012




                           Section                        Section Title                          Level
                               3       Roles, Services, and Authentication                          1
                               4       Finite State Model                                           1
                               5       Physical Security                                            1
                               6       Operational Environment                                      1
                               7       Cryptographic Key Management                                 1
                                                    5
                               8       EMI/EMC                                                      1
                               9       Self-tests                                                   1
                               10      Design Assurance                                             1
                               11      Mitigation of Other Attacks                                N/A


2.2 Module Specification
The cryptographic boundary of the modules is the VT iDirect PCBs that run the iDX firmware, which is
referred to as “FALCON”. Per FIPS 140-2 terminology, the Secure Satellite Broadband Solutions are
multi-chip embedded modules that meet overall level 1 security requirements. Physically, the PCB is the
cryptographic boundary.

Figure 2 depicts the physical block diagram and the cryptographic boundary of the modules, which is
indicated below using the red dotted line. The diagram also shows the logical interfaces with the modules.
The red arrow indicates control input. The blue arrow indicates data output. The green arrow indicates data
input. The purple arrow indicates status output.




5
    EMI/EMC – Electromagnetic Interference / Electromagnetic Compatibility
VT iDirect Secure Satellite Broadband Solutions                                                                          Page 7 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012




                               Figure 2 – Cryptographic Module Block Diagram
The VT iDirect Secure Satellite Broadband Solutions router, router board, and line card cryptographic
modules share a common design and functionality. Each module uses the same processor and FPGA
configuration (shown in Figure 2) to provide secure encryption and decryption of satellite data, voice, and
video communications. The cryptographic services and functions provided by each module are provided
by the same FALCON firmware release (iDX 2.3.1). Slight non-security relevant differences in the module
hardware implementation are indentified by different part numbers, including different form factors, heat
dissipation, quantities of LAN6 ports and LEDs7, and other part differences.

2.3 Module Interfaces
The Secure Satellite Broadband Solutions are multi-chip embedded cryptographic modules that meet
overall Level 1 FIPS 140-2 requirements. The physical port mapping for the modules are listed in the
tables below:
                           Table 2 – Mapping of the e800 and e8350 Physical Ports

                                                                                                         Enabled in FIPS
          Physical Port                                       Description                               Mode of Operation.

Power Connector                        MOLEX P/N 501844-1410                                                       Yes

Transmitter (TX Out)                   Female coaxial connector                                                    Yes



6
    LAN – Local Area Network
7
    LED – Light Emitting Diode
VT iDirect Secure Satellite Broadband Solutions                                                                          Page 8 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012




                                                                                                         Enabled in FIPS
         Physical Port                                        Description                               Mode of Operation.

Receiver (RX Out)                      Female coaxial connector                                                    Yes

Receiver (RX In)                       Female coaxial connector                                                    Yes

10 MHz8                                BNC9 external 10MHz connector (future use)                                   No

USB10                                  Future Use                                                                   No

                                       RJ11-45, Serial, RS-23212
Console                                                                                                            Yes

LAN A/B                                RJ-45, 10/100 Base-T (2 on the e800, 9 on the                               Yes
                                       e8350)
RS-232/GPIO13                          HD-15, GPIO, Serial                                                          No

Power Control                          3-pin jumper                                                                Yes


    Table 3 – Mapping of the e850MP, e850MP-IND, and e850MP-IND with Heat Sink Physical
                                           Ports

                                                                                                         Enabled in FIPS
         Physical Port                                        Description                               Mode of Operation?

Power Connector                        4 pin interface; MOLEX 43650-0400                                           Yes

Power Control Connector                2 pin interface; MOLEX 43650-0200                                           Yes

Transmitter, Receivers, GPS            Coaxial Connection                                                          Yes

RS-232/GPIO                            20-pin interface: HARWIN M80-8662022                                         No

LED Connector                          20 pin interface; MOLEX 55456-2059                                          Yes

Ethernet                               RJ-45                                                                       Yes


                        Table 4 – Mapping of the eM1D1 and eM0DM Physical Ports

                                                                                                         Enabled in FIPS
         Physical Port                                        Description                               Mode of Operation?

Transmitter (TX Out)                   Female coaxial connector                                                    Yes

Receiver (RX Out)                      Female coaxial connector                                                    Yes



8
  MHz – Megahertz
9
  BNC – Bayonet Neill-Concelman connector
10
   USB – Universal Serial Bus
11
   RJ – Registered Jack
12
   RS-232 – Recommended Standard 232
13
   GPIO – General Purpose Input/Output
VT iDirect Secure Satellite Broadband Solutions                                                                          Page 9 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012




                                                                                                         Enabled in FIPS
           Physical Port                                      Description                               Mode of Operation?

Receiver (RX In)                       Female Coaxial Connector                                                    Yes

LAN A/B, 10/100                        LAN RJ-45, 10/100 Base-T                                                    Yes

Console                                LAN RJ-45, Configuration Port                                               Yes

(4) LEDs                               Status Indication                                                           Yes

                                       PCI14 interface
Power Connector                                                                                                    Yes



The choice of how to display the LEDs on the modules is determined by the integrator of the PCBs. The
LED functions are handled by the FALCON application.

All of the interfaces that are enabled, as well as physical interfaces, can be categorized into logical
interfaces defined by FIPS 140-2, as described in the following table:
                                      Table 5 – FIPS 140-2 Logical Interfaces

                           FIPS 140-2 Logical                      Secure Satellite Broadband
                               Interface                            Solutions Port/Interface
                     Data Input                              Rx, Ethernet ports, console port

                     Data Output                             Tx, Ethernet ports, console port

                     Control Input                           Rx, Ethernet ports, console port

                     Status Output                           Tx, Ethernet ports, console port

                     Power                                   Power connector




2.4 Roles, Services, and Authentication
There are three roles in the module that operators may assume: Crypto-Officer role, User role, and Client
User role. Please note that, as the cryptographic modules were validated against Level 1 requirements, they
do not support role-based or identity-based authentication.

2.4.1 Crypto-Officer Role
The Crypto-Officer role is implicitly assumed when performing installation, configuration, or monitoring
services for the modules. The Crypto-Officer accesses the modules locally over the console port or
remotely over a secured session. There are four different interfaces that can be used for management
purposes:
       •    Console – The Crypto-Officer locally manages the modules by directly connecting through the
            console port (Serial over RJ45). The Crypto-Officer has to use an account name of “admin” and a
            password to access any services. The Crypto-Officer is authorized to change its own password
            and the passwords of User Role accounts (“user” and “diagnostic”).

14
     PCI – Peripheral Component Interconnect
VT iDirect Secure Satellite Broadband Solutions                                                                          Page 10 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012



     •     Remote Command Line Interface (CLI) – The modules can be configured and monitored over a
           remote CLI management interface using Secure Shell (SSH) version 1.3, 1.5 and 2.0. The Crypto-
           Officer uses a password to access any services. The modules perform a Diffie-Hellman (DH) key
           agreement mechanism to initialize the SSH session. When the Crypto-Officer accesses the module
           via SSH, he is able to log into the CLI interface directly with the “admin” account and the
           appropriate password.
     •     Management Interface over Transport Layer Security (TLS) – The modules can also be configured
           and monitored using a Graphical User Interface (GUI) over a TLS version 1.0 session, such as the
           iBuilder and iMonitor applications which require a user name and password for access. The
           modules perform RSA authentication and key transport during the TLS handshake.
     •     Management over Satellite – Over the satellite channel, the modules can perform low-level
           configuration and monitoring (all non-security-relevant). This consists of low-level link
           management (such as timeplans) sent by the protocol processor to the modules for which
           authentication is not required. The protocol processor will only send Layer 2 Reset messages
           when prompted to do so by a password privileged user.

2.4.2 User Role
The User has the ability to access the falcon console over the satellite network. On the console, the User is
enabled with account name “user” or “diagnostic” and a password to access any services.            Accounts
“user” and “diagnostic” employ the same password mechanism. Passwords are configured and controlled
by the Crypto-Officer with the “admin” account. The “user” and “diagnostic” accounts do not have the
privilege to change passwords. The services available to the User role (“user” and “diagnostic” accounts)
do not involve viewing or modifying CSPs. See Table 6, Table 7, and Table 8 for a list of User services.

2.4.3 Client User Role
The Client User accesses the modules over the Ethernet ports and utilizes the modules’ traffic routing and
link encryption services. The Client User role is implicitly assumed by a network device or application
routing traffic through the modules.

2.4.4 Services
Table 6, Table 7, and Table 8 list all CLI services available to a Crypto-Officer and User. The CLI services
can be categorized in three different groups as follows:
    1. General Services: Common functions to the iDX firmware.
    2. Hub Specific Services: These services are only accessible on the eM1D1 and eM0DM Line Card
        platforms.
    3. Remote Specific Services: Services specific to the Evolution e8350 Satellite Router, iConnex e800,
       iConnex e850MP, iConnex e850MP-IND, and iConnex e850MP-IND with Heat Sink Satellite
       Router Boards.
Descriptions of the services available are provided in the tables below. The following tables also list all
Critical Security Parameters (CSPs) involved in the services and associated access controls.

             Table 6 – Mapping of General Services to Roles, CSPs, and Type of Access

                                                                                 Operator
             Service                           Description                                                Type of Access
                                                                              CO            User
Antenna/debug                         AntennaClient st                                                 Secured Session Key –
                                                                                                       Read
Antenna/params                        Stats| params | debug                                            Secured Session Key –
                                                                                                       Read

VT iDirect Secure Satellite Broadband Solutions                                                                          Page 11 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012




                                                                                 Operator
             Service                           Description                                                Type of Access
                                                                              CO            User
Antenna/point                         Points to currently defined                                      Secured Session Key –
                                      settings in [SATELLITE]                                          Read
                                      group
arp                                   Address Resolution                                               Secured Session Key –
                                      Protocol (ARP) control                                           Read
beam/debug                            Sets debug level for beam                                        Secured Session Key –
                                      switch module                                                    Read
beamselector/control                  Beam selector control                                            Secured Session Key –
                                      command                                                          Read
beamselector/list                     List known beams                                                 Secured Session Key –
                                                                                                       Read
beamselector/lock                     Suppress the timer and stay                                      Secured Session Key –
                                      on this beam                                                     Read
beamselector/mapsize                  Print or change the map                                          Secured Session Key –
                                      size request params                                              Read
beamselector/newmap                   Force a request for a new                                        Secured Session Key –
                                      map                                                              Read
beamselector/params                   Stats | params | debug                                           Secured Session Key –
                                                                                                       Read
beamselector/switch                   Switch to new beam                                               Secured Session Key –
                                                                                                       Read
clear                                 Clear screen                                                     Secured Session Key –
                                                                                                       Read
console                               Console control                                                  Secured Session Key –
                                                                                                       Read
date                                  Get the downstream time                                          Secured Session Key –
                                      information                                                      Read
delay                                 Usage: delay <msecs to                                           Secured Session Key –
                                      sleep>                                                           Read
dgm_pkg_rx                            Datagram Package                                                 Secured Session Key –
                                      Download Receiver control                                        Read
dma                                   Direct Memory Access                                             Secured Session Key –
                                      (DMA) statistics                                                 Read
eloop                                 Display event loop status                                        Secured Session Key –
                                                                                                       Read
ENTER_ERROR_STATE                     Enter Error state                                                Secured Session Key –
                                                                                                       Read
ENTER_RECOVERY_STATE Start recovery falcon                                                             Secured Session Key –
                                                                                                       Read
error_status                          Display error status string                                      Secured Session Key –
                                                                                                       Read
VT iDirect Secure Satellite Broadband Solutions                                                                          Page 12 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012




                                                                                 Operator
              Service                          Description                                                Type of Access
                                                                              CO            User
eth                                   Configure a network                                              Secured Session Key –
                                      interface                                                        Read
eth_monitor                           Ethernet Interface Monitor                                       Secured Session Key –
                                                                                                       Read
extras                                Extras option file                                               Secured Session Key –
                                      manipulation                                                     Read
fll                                   Allows to query the status                                       Secured Session Key –
                                      of the hardware's frequency                                      Read
                                      lock loop
fpga                                  FPGA Rx1 driver                                                  Secured Session Key –
                                                                                                       Read
fpga/rx                               FPGA Rx Driver                                                   Secured Session Key –
                                                                                                       Read
fpga/tx                               FPGA Tx Driver                                                   Secured Session Key –
                                                                                                       Read
gecho                                 Global echo                                                      Secured Session Key –
                                                                                                       Read
heap                                  Memory usage                                                     Secured Session Key –
                                                                                                       Read
hub_fsd                               Hub FSD                                                          Secured Session Key –
                                                                                                       Read


igmp                                  Multicast control                                                Secured Session Key –
                                                                                                       Read
ip                                    Router control                                                   Secured Session Key –
                                                                                                       Read
keyroll_mgr                           Keyroll manager command                                          Dynamic Ciphertext
                                                                                                       Channel Key –
                                                                                                       Read/Write
                                                                                                       Acquisition Ciphertext
                                                                                                       Channel Key –
                                                                                                       Read/Write
                                                                                                       Secured Session Key –
                                                                                                       Read
laninfo                               View IP address/netmask                                          Secured Session Key –
                                                                                                       Read
latlong                               LAT LONG                                                         Secured Session Key –
                                                                                                       Read
license                               Get license                                                      Secured Session Key –
                                                                                                       Read
licensestat                           Remote license status                                            Secured Session Key –
                                      information                                                      Read

VT iDirect Secure Satellite Broadband Solutions                                                                          Page 13 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012




                                                                                 Operator
             Service                            Description                                               Type of Access
                                                                              CO            User
mac                                   Media Access Control                                             Secured Session Key –
                                      (MAC) control                                                    Read
mapclient/control                     Map client control                                               Secured Session Key –
                                      command                                                          Read
mapclient/params                      Stats | params | debug                                           Secured Session Key –
                                                                                                       Read
maphandler/control                    Map handler control                                              Secured Session Key –
                                      command                                                          Read
maphandler/params                     Stats | params | debug                                           Secured Session Key –
                                                                                                       Read
mem                                   Resource information                                             Secured Session Key –
                                                                                                       Read
netstat                               Checks network                                                   Secured Session Key –
                                      configuration and activity                                       Read
nms_echo                              NMS event echo                                                   Secured Session Key –
                                                                                                       Read
nmsr                                  Debug network                                                    Secured Session Key –
                                      management system                                                Read
                                      Reporting object (event
                                      message sender)
oob                                   Out of Band (OOB) control                                        Secured Session Key –
                                                                                                       Read
options                               Options file manipulation                                        Secured Session Key –
                                                                                                       Read
packages                              Show list of installed                                           Secured Session Key –
                                      software packages and their                                      Read
                                      versions
params                                View/edit global parameters                                      Secured Session Key –
                                                                                                       Read
pasoc                                 Command for the packet                                           Secured Session Key –
                                      socket layer                                                     Read
passwd                                Change password                                                  Password – Read,
                                                                                                       Write
                                                                                                       Secured Session Key –
                                                                                                       Read
pcmd                                  Periodic console Command                                         Secured Session Key –
                                                                                                       Read
ping                                  Utility                                                          Secured Session Key –
                                                                                                       Read
profiling                             Profiling the Utils                                              Secured Session Key –
                                                                                                       Read

VT iDirect Secure Satellite Broadband Solutions                                                                          Page 14 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012




                                                                                 Operator
             Service                           Description                                                Type of Access
                                                                              CO            User
ps                                    Show the output of the ps                                        Secured Session Key –
                                      command                                                          Read
reset                                 Reset machine or restart                                         Secured Session Key –
                                      service                                                          Read
rx/enable                             Rx Enable                                                        Secured Session Key –
                                                                                                       Read
rx/frequency                          Rx Frequency                                                     Secured Session Key –
                                                                                                       Read
rx/ifl10                              Rx IFL 10M                                                       Secured Session Key –
                                                                                                       Read
rx/iflDC                              Rx IFL DC                                                        Secured Session Key –
                                                                                                       Read
rx/ifltone                            Rx IFL 22k tone                                                  Secured Session Key –
                                                                                                       Read
rx/power                              Rx Power                                                         Secured Session Key –
                                                                                                       Read
rx/symrate                            Rx Symbol rate                                                   Secured Session Key –
                                                                                                       Read
rx2/agc                               Rx AGC                                                           Secured Session Key –
                                                                                                       Read
rx2/bitrate                           Rx BitRate                                                       Secured Session Key –
                                                                                                       Read
rx2/cof                               Rx Frequency Offset                                              Secured Session Key –
                                                                                                       Read
rx2/ enable                           Rx enable                                                        Secured Session Key –
                                                                                                       Read
rx2/frequency                         Rx Frequency                                                     Secured Session Key –
                                                                                                       Read
rx2/symrate                           Rx Symbolrate                                                    Secured Session Key –
                                                                                                       Read
rxdiag/14DCVoltage                    14 DC Voltage                                                    Secured Session Key –
                                                                                                       Read
rxdiag/6DCVoltage                     6 DC Voltage                                                     Secured Session Key –
                                                                                                       Read
rxdiag/7DCVoltage                     7 DC Voltage                                                     Secured Session Key –
                                                                                                       Read
rxdiag/rxpower                        Rx RF Composite Power                                            Secured Session Key –
                                                                                                       Read
rxdiag/temperature                    Board temperature                                                Secured Session Key –
                                                                                                       Read

VT iDirect Secure Satellite Broadband Solutions                                                                          Page 15 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012




                                                                                 Operator
             Service                           Description                                                Type of Access
                                                                              CO            User
rxdiag/tx10M                          Tx 10M output                                                    Secured Session Key –
                                                                                                       Read
rxdiag/txpower                        Tx RF Composite Power                                            Secured Session Key –
                                                                                                       Read
service                               Service start/stop command                                       Secured Session Key –
                                                                                                       Read
sn                                    Show modem serial number                                         Secured Session Key –
                                                                                                       Read
Stats                                 View/Edit global stats                                           Secured Session Key –
                                                                                                       Read
status                                Show status of stack                                             Secured Session Key –
                                                                                                       Read
sys_time                              Sys Time Tick                                                    Secured Session Key –
                                                                                                       Read
systray                               Debugs systray messages                                          Secured Session Key –
                                      (mulicast messages sent on                                       Read
                                      the Local Access Network
                                      or LAN)
tick                                  Get time tick                                                    Secured Session Key –
                                                                                                       Read
timer                                 Timer control                                                    Secured Session Key –
                                                                                                       Read
tlev                                  Trace control                                                    Secured Session Key –
                                                                                                       Read
tls                                   Transport Layer Security                                         Secured Session Key –
                                      (TLS) control                                                    Read
tls_mnc                               Debugs the secure MnC                                            Secured Session Key –
                                      control server                                                   Read
transec                               TRANSEC related Field                                            Secured Session Key –
                                      Programmable Gate Array                                          Read
                                      (FPGA) registers stats
tx/alcdac                             Tx ALCDAC                                                        Secured Session Key –
                                                                                                       Read
tx/atten                              Tx Atten                                                         Secured Session Key –
                                                                                                       Read
tx/atten1                             Tx Atten1                                                        Secured Session Key –
                                                                                                       Read
tx/atten2                             Tx Atten2                                                        Secured Session Key –
                                                                                                       Read
tx/cw                                 Tx CW                                                            Secured Session Key –
                                                                                                       Read

VT iDirect Secure Satellite Broadband Solutions                                                                          Page 16 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012




                                                                                 Operator
              Service                          Description                                                Type of Access
                                                                              CO            User
tx/enable                             Tx Enable                                                        Secured Session Key –
                                                                                                       Read
tx/freq                               Tx frequency                                                     Secured Session Key –
                                                                                                       Read
tx/halfdb                             Tx Halfdb Atten                                                  Secured Session Key –
                                                                                                       Read
tx/ifl10                              Tx IFL 10M                                                       Secured Session Key –
                                                                                                       Read
tx/iflDC                              Tx IFL DC                                                        Secured Session Key –
                                                                                                       Read
tx/iqoffset                           TX IQ Offset                                                     Secured Session Key –
                                                                                                       Read
tx/pn                                 Tx PN                                                            Secured Session Key –
                                                                                                       Read
tx/power                              Tx Power                                                         Secured Session Key –
                                                                                                       Read
tx/ssb                                Tx ssb Pattern                                                   Secured Session Key –
                                                                                                       Read
tx/symrate                            Tx Symbolrate                                                    Secured Session Key –
                                                                                                       Read
uptime                                System and application                                           Secured Session Key –
                                      uptime                                                           Read
version                               Build information                                                Secured Session Key –
                                                                                                       Read
versions_report                       Full operating environment                                       Secured Session Key –
                                      report                                                           Read
x509                                  Manage X509 Certificates                                         RSA Private Key –
                                      and RSA keys                                                     Read/Write
                                                                                                       RSA Private Key –
                                                                                                       Read/Write
                                                                                                       Secured Session Key –
                                                                                                       Read
xoff                                  Disallow messages from                                           Secured Session Key –
                                      other processes                                                  Read
xon                                   Allow messages from other                                        Secured Session Key –
                                      processes                                                        Read
zeroize                               Zeroize all CSPs                                                 All CSPs – Delete




VT iDirect Secure Satellite Broadband Solutions                                                                          Page 17 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012



Table 7 lists the services that are provided on the Line Card platforms.
       Table 7 – Mapping of Line Card Specific Services to Roles, CSPs, and Type of Access

                                                                               Operator
          Service                          Description                                                    Type of Access
                                                                           CO            User
agents                          View console agents                                                  Secured Session Key –
                                                                                                     Read
btp                             Burst Time Plan (BTP)                                                Secured Session Key –
                                statistics                                                           Read
cert_mgr                        Certificate Manager                                                  RSA Private Key –
                                command                                                              Read/Write
                                                                                                     RSA Public Key –
                                                                                                     Read/Write
                                                                                                     Secured Session Key –
                                                                                                     Read
da_tunnel                       Shows statistics for the                                             Secured Session Key –
                                tunnel between an external                                           Read
                                process and the hub line card
diagnostic                      Diagnostic Command                                                   Secured Session Key –
                                                                                                     Read
DID                             Show modem identification                                            Secured Session Key –
                                number                                                               Read
dumpb                           Dump bursts received on hub                                          Secured Session Key –
                                                                                                     Read
gige_mon                        Gige monitor command                                                 Secured Session Key –
                                                                                                     Read
hdlc                            HDLC Status                                                          Secured Session Key –
                                                                                                     Read
key_ctrl                        Crypto key controller
                                                                                                     Dynamic Ciphertext
                                                                                                     Channel Key –
                                                                                                     Read/Write
key_mgr                         Key manager
                                                                                                     Acquisition Ciphertext
                                                                                                     Channel Key –
                                                                                                     Read/Write
na_tunnel                       Shows the statistics                                                 Secured Session Key –
                                parameters for a tunnel from                                         Read
                                the hub line card and an
                                external process
rx/agc                          Rx AGC                                                               Secured Session Key –
                                                                                                     Read
rx/band                         Rx Band                                                              Secured Session Key –
                                                                                                     Read
rx/ber/stats                    BER Stats                                                            Secured Session Key –
                                                                                                     Read

VT iDirect Secure Satellite Broadband Solutions                                                                          Page 18 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012




                                                                               Operator
          Service                          Description                                                    Type of Access
                                                                           CO            User
rx/bitrate                      Rx BitRate                                                           Secured Session Key –
                                                                                                     Read
rx/blklen                       Rx BlockLength                                                       Secured Session Key –
                                                                                                     Read
rx/mod                          Rx Modulation                                                        Secured Session Key –
                                                                                                     Read
rx/payloadlen                   Rx PayloadLength                                                     Secured Session Key –
                                                                                                     Read
rx/refclkdac                    Rx Ref Clock DAC                                                     Secured Session Key –
                                                                                                     Read
rx2/demodkick                   Rx DemodKick                                                         Secured Session Key –
                                                                                                     Read
rx2/snr                         Rx SNR                                                               Secured Session Key –
                                                                                                     Read
rx2/tdmlost                     Rx tdm lock lost                                                     Secured Session Key –
                                                                                                     Read
rxdiag/19DCVoltage              19 Volts Supply Monitor                                              Secured Session Key –
                                                                                                     Read
rxdiag/inputdcvoltage           Input DC Voltage                                                     Secured Session Key –
                                                                                                     Read
rxdiag/mcifpower                Multichannel IF Power                                                Secured Session Key –
                                                                                                     Read
rxdiag/mcrfpower                Multichannel RF Power                                                Secured Session Key –
                                                                                                     Read
standby                         Standby Command                                                      Secured Session Key –
                                                                                                     Read
swbpfll                         Software FLL                                                         Secured Session Key –
                                                                                                     Read
swfll                           Software FLL                                                         Secured Session Key –
                                                                                                     Read
sync_mgr                        Check options file sync msg                                          Secured Session Key –
                                list                                                                 Read
sync_rsp_mgr                    Check response msg list                                              Secured Session Key –
                                                                                                     Read
TERMINATE                       Kill process                                                         Secured Session Key –
                                                                                                     Read
tplog                           Timeplan Log                                                         Secured Session Key –
                                                                                                     Read
tunnel                          Tunnel control                                                       Secured Session Key –
                                                                                                     Read

VT iDirect Secure Satellite Broadband Solutions                                                                          Page 19 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012




                                                                               Operator
            Service                        Description                                                    Type of Access
                                                                           CO            User
tunnel_control                  Tunnel controller command                                            Secured Session Key –
                                                                                                     Read
tx/band                         Tx Band Selection                                                    Secured Session Key –
                                                                                                     Read
tx/band                         Tx Band Select                                                       Secured Session Key –
                                                                                                     Read
tx/fllref                       Tx FLL Ref Clock                                                     Secured Session Key –
                                                                                                     Read
tx/lock                         Tx Lock Status                                                       Secured Session Key –
                                                                                                     Read
tx/powermode                    Tx Power Mode                                                        Secured Session Key –
                                                                                                     Read
tx/raven                        Tx Raven                                                             Secured Session Key –
                                                                                                     Read
wam                             wam                                                                  Secured Session Key –
                                                                                                     Read

Table 8 lists services that are provided on the Evolution e8350 Satellite Router, iConnex e800,iConnex
e850MP, iConnex e850MP-INd, and iConnex e850MP-IND with Heat Sink platforms.
Table 8 – Mapping of Remote Platform Specific Services to Roles, CSPs, and Type of Access

                                                                               Operator
            Service                        Description                                                    Type of Access
                                                                           CO            User
acq                             Enables acquisition debugging                                        Secured Session Key –
                                                                                                     Read
ber/stats                       BER Stats                                                            Secured Session Key –
                                                                                                     Read
btp                             Tx Debug                                                             Secured Session Key –
                                                                                                     Read
classifier                      Classifier command                                                   Secured Session Key –
                                                                                                     Read
cpu                             Show CPU utilization                                                 Secured Session Key –
                                percentage                                                           Read
csp                             Enables/disables csp mode                                            Secured Session Key –
                                                                                                     Read
dfoe                            Dynamic Features and                                                 Secured Session Key –
                                Options Exchange                                                     Read
dhcp                            DHCP server command                                                  Secured Session Key –
                                                                                                     Read
dns                             DNS control                                                          Secured Session Key –
                                                                                                     Read

VT iDirect Secure Satellite Broadband Solutions                                                                          Page 20 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012




                                                                               Operator
           Service                         Description                                                    Type of Access
                                                                           CO            User
dubmpb                          Dump bursts received on                                              Secured Session Key –
                                TDMA Rx2 of the remote                                               Read
dvbs2                           dvbs2 st                                                             Secured Session Key –
                                                                                                     Read
enc                             Encryption control command                                           Secured Session Key –
                                                                                                     Read
encs                            Encryption session control                                           Secured Session Key –
                                command                                                              Read
fake_acq                        Fake ACQ control                                                     Secured Session Key –
                                                                                                     Read
fan/rpm                         Fan RPM                                                              Secured Session Key –
                                                                                                     Read
fan/status                      Fan Status                                                           Secured Session Key –
                                                                                                     Read
fpga/rx1                        FPGA Rx1 Driver                                                      Secured Session Key –
                                                                                                     Read
fpga/rx2                        FPGA Rx2 Driver                                                      Secured Session Key –
                                                                                                     Read
gpspollinterval                 seconds                                                              Secured Session Key –
                                                                                                     Read
gpsvalidationstatus             Status of GPS validation                                             Secured Session Key –
                                                                                                     Read
gre                             Generic Routine                                                      Secured Session Key –
                                Encapsulation (GRE) protocol                                         Read
icmp                            Internet Control Message                                             Secured Session Key –
                                Protocol (ICMP) inspection                                           Read
                                layer console command
inroute_list                    Inroute List                                                         Secured Session Key –
                                                                                                     Read
ipv4                            IPv4 protocol acceleration                                           Secured Session Key –
                                control layer                                                        Read
ktun                            Kernel Tunnel Command                                                Secured Session Key –
                                                                                                     Read
l2tp_compress                   L2TP payload compress                                                Secured Session Key –
                                                                                                     Read
lfc                             Local                                                                Secured Session Key –
                                                                                                     Read
ll                              Link Layer control                                                   Secured Session Key –
                                                                                                     Read
mcqos                           Multicast QoS                                                        Secured Session Key –
                                                                                                     Read
VT iDirect Secure Satellite Broadband Solutions                                                                          Page 21 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012




                                                                               Operator
          Service                          Description                                                    Type of Access
                                                                           CO            User
mesh                            Forces the remote out of                                             Secured Session Key –
                                mesh                                                                 Read
mesh_marker                     mesh_marker layer command                                            Secured Session Key –
                                                                                                     Read
meshdebug                       Mesh Debug                                                           Secured Session Key –
                                                                                                     Read
nat                             NAT Control                                                          Secured Session Key –
                                                                                                     Read
offline                         Offline                                                              Secured Session Key –
                                                                                                     Read
online                          Online                                                               Secured Session Key –
                                                                                                     Read
oobc                            Out of Band Control layer                                            Secured Session Key –
                                stats and params                                                     Read


ota                             Over-The-Air statistics                                              Secured Session Key –
                                                                                                     Read
phy                             Read PHY status register                                             Secured Session Key –
                                                                                                     Read
pm                              Pad upper Mux stats                                                  Secured Session Key –
                                                                                                     Read
powermgmt                       Power Management                                                     Secured Session Key –
                                                                                                     Read
pull_engine                     PullDown Engine Control                                              Secured Session Key –
                                                                                                     Read
qos                             Quality of Service (QoS)                                             Secured Session Key –
                                control                                                              Read
remotestate                     Displays the current remote                                          Secured Session Key –
                                state                                                                Read
rmtarp                          Mesh ARP table                                                       Secured Session Key –
                                                                                                     Read
rmtlock                         Locks the remote to work in                                          Secured Session Key –
                                a specific network                                                   Read
rmtstat                         Toggle printing Remote                                               Secured Session Key –
                                Status messages                                                      Read
rx/cof                          Rx Carrier Offset                                                    Secured Session Key –
                                                                                                     Read
rx/demod                        Rx Demod                                                             Secured Session Key –
                                                                                                     Read



VT iDirect Secure Satellite Broadband Solutions                                                                          Page 22 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                          April 15, 2012




                                                                                Operator
             Service                        Description                                                    Type of Access
                                                                            CO            User
rx/demodkick                     Rx DemodKick                                                         Secured Session Key –
                                                                                                      Read
rx/demodsel                      Rx Demod Select                                                      Secured Session Key –
                                                                                                      Read
rx/dvbs2/debug                   Sets debug level for Rx dvbs2                                        Secured Session Key –
                                                                                                      Read
rx/fastfll                       Rx Fast FLL                                                          Secured Session Key –
                                                                                                      Read
rx/flm                           Rx False Lock Monitor                                                Secured Session Key –
                                                                                                      Read
rx/gdc                           GD Compensation and                                                  Secured Session Key –
                                 Monitor                                                              Read
rx/griffin                       Rx Griffin                                                           Secured Session Key –
                                                                                                      Read
rx/groundelay                    Rx Ground Delay                                                      Secured Session Key –
                                                                                                      Read
rx/pointing                      Rx Pointing                                                          Secured Session Key –
                                                                                                      Read
rx/snr                           Rx SNR                                                               Secured Session Key –
                                                                                                      Read
rx/stv                           STV Support                                                          Secured Session Key –
                                                                                                      Read
rx/swfll                         Software SCPC FLL                                                    Secured Session Key –
                                                                                                      Read
rx/tdmlost                       Rx tdm lock lost                                                     Secured Session Key –
                                                                                                      Read
rx/ts_stats                      Rx Transport Stream Lock                                             Secured Session Key –
                                 Stats                                                                Read
rx2/blklen                       Rx BlockLength                                                       Secured Session Key –
                                                                                                      Read
rx2/crc                          Rx2 CRC Count                                                        Secured Session Key –
                                                                                                      Read
rx2/fec                          Tx FECRate                                                           Secured Session Key –
                                                                                                      Read
rx2/meshfsd                      Mesh FSD                                                             Secured Session Key –
                                                                                                      Read
rx2/mod                          Rx Modulation                                                        Secured Session Key –
                                                                                                      Read
rx2/payloadlen                   Rx PayloadLength                                                     Secured Session Key –
                                                                                                      Read

VT iDirect Secure Satellite Broadband Solutions                                                                           Page 23 of 38
                                                     © 2012 VT iDirect, Inc.
               This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012




                                                                               Operator
          Service                          Description                                                    Type of Access
                                                                           CO            User
rxdiag/14rxanalog               14-Analog-Rx (AIN6)                                                  Secured Session Key –
                                                                                                     Read
rxdiag/14txanalog               14-Analog-Rx (AIN5)                                                  Secured Session Key –
                                                                                                     Read
rxdiag/24DCVoltage              24 DC Voltage                                                        Secured Session Key –
                                                                                                     Read
rxdiag/5DCVoltage               5 DC Voltage                                                         Secured Session Key –
                                                                                                     Read
rxdiag/consolevoltage           Console Voltage                                                      Secured Session Key –
                                                                                                     Read
rxdiag/rxvoltage                Rx IFL DC Voltage                                                    Secured Session Key –
                                                                                                     Read
rxdiag/txcurrent                Tx IFL DC VOltage                                                    Secured Session Key –
                                                                                                     Read
rxdiag/txpll                    Tx PLL VCC (AIN4)                                                    Secured Session Key –
                                                                                                     Read
rxdiag/txvoltage                Tx IFL DC Voltage                                                    Secured Session Key –
                                                                                                     Read
rxdiag/vinps                    Input Voltage PS (AIN3)                                              Secured Session Key –
                                                                                                     Read
sar                             Segmentation and Reassembly                                          Secured Session Key –
                                (SAR) control                                                        Read
satmac                          Debugs the satellite MAC                                             Secured Session Key –
                                layer                                                                Read
sd                              Sar lower Mux stats                                                  Secured Session Key –
                                                                                                     Read
switch/status                   Marvell Switch Status                                                Secured Session Key –
                                                                                                     Read
switch/vlans                    Marvell Switch VLAN                                                  Secured Session Key –
                                configuration                                                        Read
switch/pvid                     Marvell Switch Port PVID                                             Secured Session Key –
                                values                                                               Read
switch/fwmap                    Marvell Switch Port FW Map                                           Secured Session Key –
                                                                                                     Read
switch/power                    Marvell Switch Power                                                 Secured Session Key –
                                Control                                                              Read
switch/params                   Marvell Switch option file                                           Secured Session Key –
                                params                                                               Read
transec_layer                   TRANSEC layer command                                                Secured Session Key –
                                                                                                     Read

VT iDirect Secure Satellite Broadband Solutions                                                                          Page 24 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012




                                                                               Operator
          Service                          Description                                                    Type of Access
                                                                           CO            User
tx/10                           Tx Pattern 1-0                                                       Secured Session Key –
                                                                                                     Read
                                                                                                     Secured Session Key –
tx/bitrate                      Tx Bitrate                                                           Read
                                                                                                     Secured Session Key –
tx/blklen                       Tx BlockLength                                                       Read
                                                                                                     Secured Session Key –
tx/debug                        Tx Debug                                                             Read
                                                                                                     Secured Session Key –
tx/fecrate                      Tx FECRate                                                           Read
                                Tx Freq Record Program                                               Secured Session Key –
tx/freq_val                     Values                                                               Read
                                                                                                     Secured Session Key –
tx/fsd                          Tx FSD                                                               Read
                                                                                                     Secured Session Key –
tx/keyline                      Tx Keyline                                                           Read
                                                                                                     Secured Session Key –
tx/lfo                          Tx Local Frequency Offset                                            Read
                                                                                                     Secured Session Key –
tx/mod                          Tx Modulation                                                        Read
                                                                                                     Secured Session Key –
tx/payloadlen                   Tx PayloadLength                                                     Read
                                                                                                     Secured Session Key –
tx/power                        Tx Power                                                             Read
                                                                                                     Secured Session Key –
tx/ssb                          Tx SSB                                                               Read
                                                                                                     Secured Session Key –
tx/status                       Tx Status                                                            Read
                                                                                                     Secured Session Key –
tx/tdma/debug                   sets debug level for tx tdma                                         Read
                                Tx Num of Tpc Blocks Per                                             Secured Session Key –
tx/tpcblocks                    Frame                                                                Read
ucp                             Display UCP information                                              Secured Session Key –
                                                                                                     Read
udp                             UDP Command                                                          Secured Session Key –
                                                                                                     Read
udp_compress                    UDP Payload compress                                                 Secured Session Key –
                                                                                                     Read
vlan                            Virtual Local Area Network                                           Secured Session Key –
                                (VLAN) control                                                       Read

VT iDirect Secure Satellite Broadband Solutions                                                                          Page 25 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012




                                                                               Operator
          Service                          Description                                                    Type of Access
                                                                           CO            User
wam2                            wam                                                                  Secured Session Key –
                                                                                                     Read

Table 9 maps Client User Role services to inputs, outputs and CSPs.

    Table 9 – Mapping of Client User Role's Services to Inputs, Outputs, CSPs, and Type of
                                            Access

          Service                          Description                    Input         Output            Type of Access

Traffic Routing                 Secured traffic routing at the         Data Link      Data Link      Dynamic Ciphertext
                                data-link layer                        layer          layer          Channel key - Read
                                                                       packet         packet
Multicast Packet Reset          After individual component of “Reset”                 Command None
                                the multicast packet is       option is               status
                                extracted and written to the checked
                                modem’s flash memory, the
                                modem resets if the “Reset”
                                option was checked.


2.5 Physical Security
The cryptographic modules are multi-chip embedded cryptographic modules per FIPS 140-2 terminology.
The modules are PCBs that consist of production grade components and meet level 1 physical security
requirements using clear coating over the boards and their physical components to protect against
environment and physical damage. The boards will be enclosed in production-grade enclosures for added
physical security. A sample enclosure can be seen in Figure 3.




                                          Figure 3 – e8000 Series Enclosure

Figure 4 below show the iConnex e800 Satellite Router Board. Please note that the e800 and e8350 boards
have the same appearance; the only difference is that the e8350 has an 8 port Ethernet switch that is
mounted to the back of the metal chassis that it fits into.




VT iDirect Secure Satellite Broadband Solutions                                                                          Page 26 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012




                                Figure 4 – iConnex e800 Satellite Router Board




Figure 5 below shows the iConnex e850MP Satellite Router Board.




                               Figure 5 – iConnex e850MP Satellite Router Board




Figure 6 below show the Evolution eM1D1 Line Card. Please note that Evolution eM1D1 and Evolution
eM0DM Line Cards have the same appearance.




VT iDirect Secure Satellite Broadband Solutions                                                                          Page 27 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012




                                       Figure 6 – Evolution eM1D1 Line Card



2.6 Operational Environment
The modules’ firmware, iDX version 2.3.1, runs on Linux OS version 2.6.17.8-uc0-iDirect0 for all the
platforms. The operating system protects memory and process space from unauthorized access. The
firmware integrity test protects against unauthorized modification of the modules itself.



2.7 Cryptographic Key Management
The cryptographic modules implement the FIPS-Approved algorithms shown in Table 10:

                           Table 10 – FIPS-Approved Algorithm Implementations

                                                                                                  Certificate
                                            Algorithm
                                                                                                   Number
            AES15 in CBC16 and CFB17 modes – encrypt/decrypt 256-bit key                               1944
            (Software Implementation)
            AES in CBC mode – encrypt/decrypt 256-bit key (Hardware                                    1945
            Implementation)


15
   AES – Advanced Encryption Standard
16
   CBC – Cipher-Block Chaining
17
   CFB – Cipher Feedback Mode
VT iDirect Secure Satellite Broadband Solutions                                                                          Page 28 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012




                                                                                                  Certificate
                                            Algorithm
                                                                                                   Number
            SHA18-1                                                                                    1709
            HMAC SHA-1                                                                                 1173
                 19
            RSA ANSI X9.31 Key Generation – 2048-bit key                                               1007
            RSA sign/verify – 1024-bit to 2048-bit keys                                                1007
            ANSI20 x9.31 Appendix A.2.4 Pseudo Random Number                                           1024
            Generator (PRNG)

Additionally, the modules utilize the following non-FIPS-Approved algorithm implementation, which are
allowed in a FIPS-Approved mode of operation:
     •     Diffie-Hellman 1024 bits key (PKCS#3, key agreement/key establishment methodology provides
           80 bits of encryption strength)
     •     Non-FIPS Approved PRNG for seeding the ANSI X9.31 PRNG
     •     RSA 2048 bits key encrypt/decrypt (PKCS#1, key wrapping; key establishment methodology
           provides 112 bits of encryption strength)
     •     PBKDF21 (SP800-132, Non-Approved)

Additional information concerning SHA-1, Diffie-Hellman key agreement/key establishment, RSA key
signatures and ANSI X9.31 and specific guidance on transitions to the use of stronger cryptographic keys
and more robust algorithms is contained in NIST Special Publication 800-131A.

The modules support the following critical security parameters a described in Table 11.

         Table 11 – List of Cryptographic Keys, Cryptographic Key Components, and CSPs

    Key
                                         Generation
/Component/             Key Type                             Output           Storage        Zeroization                 Use
                                           / Input
   CSP
iDirect Signed        RSA 2048-bit       Externally       Never exits      Hard-coded    Never                Performs firmware
Key                   public key         generated        the module       in the module zeroized             integrity check
                                                                                                              during power-up
                                                                                                              and upgrade
Dynamic       AES-256 CBC                Externally       Never exits      Resides in       By global         Provides
Ciphertext    key                        generated,       the module       volatile         zeroize           confidentiality to
Channel (DCC)                            entered in                        memory in        command           data over Satellite
Key                                      encrypted                         plaintext                          channel
                                         form
Secured Session AES-256 CBC              Generated        Never            Resides in       Zeroized          Provides secured
Key             key                      internally                        volatile         after session     channel for
                                         using Diffie-                     memory in        is over           management
                                         Hellman                           plaintext




18
   SHA – Secure Hash Algorithm
19
   RSA – Rivest, Shamir, and Adleman
20
   ANSI – American National Standards Institute
21
   PBKDF – Password Based Key Derivation Function
VT iDirect Secure Satellite Broadband Solutions                                                                          Page 29 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012



    Key
                                         Generation
/Component/             Key Type                             Output           Storage        Zeroization                 Use
                                           / Input
   CSP
Acquisition   AES-256 CBC                Externally     Never exits        Resides in       By global         Encrypts all traffic
Ciphertext    key                        generated,     the module         volatile         zeroize           and traffic headers
Channel (ACC)                            entered in                        memory in        command           required for a
Key                                      plaintext form                    plaintext;                         remote to acquire
                                                                           resides in                         the network
                                                                           plaintext in
                                                                           non-volatile
                                                                           memory
Link Encryption AES-256 CBC              Internally       Exits in         Resides in       Zeroized          Provides
Key             and CFB key              generated or     encrypted        volatile         after session     confidentiality to
                                         entered in       form             memory in        is over           Layer 3 data
                                         encrypted                         plaintext
                                         form
RSA Private Key RSA 2048-bit             Internally       Exits in         In flash in      By global         Authenticates TLS
                private key              generated        plaintext,       plaintext        zeroize           channel and
                                                          can be                            command           transports Global
                                                          viewed by                                           Session Key and
                                                          the Crypto-                                         Link Encryption
                                                          Officer in                                          Key
                                                          plaintext
RSA Public Key      RSA 2048-bit         Internally       Exits in         In flash in      By global         Authenticates TLS
                    public key           generated        plaintext,       plaintext        zeroize           channel and
                                                          can be                            command           transports Global
                                                          viewed by                                           Session Key &
                                                          the Crypto-                                         Link Encryption
                                                          Officer in                                          Key
                                                          plaintext
Certificates        X.509 digital        Externally       Exits in         In flash in      By global         Used for hub and
issued by the       certificates         generated,       encrypted        plaintext        zeroize           remote unit
iDirect                                  entered in       form                              command           validation
Certificate                              encrypted
Authority (CA)                           form
Foundry
Diffie-Hellman      1024-bit DH          Internally       Never exits      Resides in       Zeroized          Establishes
private key         private              generated        the module       volatile         after session     Secured Session
                    exponent                                               memory in        is over           Key during SSH or
                                                                           plaintext                          TLS sessions
Diffie-Hellman      1024-bit DH     Internally            Exits            Resides in       Zeroized          Establishes
public key          public exponent generated             electronicall    volatile         after session     Secured Session
                                                          y in plaintext   memory in        is over           Key during SSH or
                                                          form             plaintex                           TLS sessions
SSH
                    HMAC-SHA1            Generated        Never exits      Stored inside    By global         It is used for data
Authentication
                                         internally       the module       the volatile     zeroize           authentication
Key
                                                                           memory in        command           during SSH
                                                                           plaintext,                         sessions
                                                                           inside the
                                                                           module

Crypto-Officer      Password             Entered in       Never exits      Hash value of    By global         Enables Crypto-
Password                                 plaintext        the module       the password     zeroize           Officer role
                                                                           is stored in     command
                                                                           flash
VT iDirect Secure Satellite Broadband Solutions                                                                          Page 30 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012



    Key
                                         Generation
/Component/             Key Type                             Output           Storage        Zeroization                 Use
                                           / Input
   CSP
User Password       Password             Entered in       Never exits      Hash value of    By global         Enables the User
                                         plaintext        the module       the password     zeroize           role
                                                                           is stored in     command
                                                                           flash
ANSI X9.31          16 bytes of seed Independently Never exits             Resides in       Zeroized          Seeds the ANSI
PRNG Seed                            generated by the module               volatile         after session     X9.31 PRNG
                                     the non-                              memory in        is over
                                     approved                              plaintext
                                     PRNG
ANSI X9.31          32 bytes of seed Independently Never exits             Resides in       Zeroized          Seeds the ANSI
PRNG Seed           key              generated by the module               volatile         after session     X9.31 PRNG
Key                                  the non-                              memory in        is over
                                     approved                              plaintext
                                     PRNG
HMAC Key            HMAC SHA-1           Internally       Exits in         Resides in       Zeroized          Securely exchange
                                         Generated        plaintext        volatile         after session     information during
                                                                           memory in        is over           SSH session
                                                                           plaintext

The iDirect Signed Key is a 2048-bit RSA public key hard-coded into the modules. This key is externally
generated and is used for verifying the integrity of the modules’ firmware during power-up and upgrade.
The iDirect Signed Key is stored in flash and never zeroized.

DCC keys are AES CBC 256-bit keys that are used to encrypt/decrypt routing traffic flowing across the
satellite network. AES cipher operation using DCC keys is performed by the FPGA implementation of the
modules. These keys are generated by the Protocol Processor blade, external to the cryptographic boundary
and entered into the modules in encrypted form (RSA key transport). The modules do not provide any
Application Programming Interface (API) access to the DCC keys. These AES keys are stored in volatile
memory in plaintext and can be zeroized by using the global zeroize command issued from the CLI.

Secured Session keys are also AES CBC 256-bit keys that are used to provide a secure management session
over SSH and TLS. The Secured Session Key is generated internally during DH key agreement. The AES
key is stored only in volatile memory and is zeroized upon session termination.

ACC keys are AES CBC 256-bit keys used to encrypt all traffic and traffic headers that are required for a
remote to acquire the network. AES cipher operation using ACC keys is performed by the FPGA
implementation of the module. These keys are generated by the Protocol Processor blade, external to the
cryptographic boundary and entered into the module in encrypted form. When a remote has not been in the
network for a long period of time (approx. 2 months) or when a new remote joins the network, it cannot
transmit and receive data without the ACC key. In such cases, the ACC key has to be entered by the
Crypto-Officer through the secure console port. The AES keys are stored in volatile memory and in non-
volatile memory in plaintext. The modules do not provide any Application Programming Interface (API)
access to the ACC keys. They can be zeroized by using the global zeroize command issued from the CLI.

When a modem is configured to have link encryption enabled, it will generate a Link Encryption Key upon
initialization. A Link Encryption Key is a 256-bit AES key with CBC or CFB mode. A link Encryption
Key is the unique key used to encrypt and decrypt Layer 3 data with a remote. Each remote uses a different
Link Encryption Key. Notice that in the FIPS mode of operation, link encryption without TRANSEC is not
allowed.



VT iDirect Secure Satellite Broadband Solutions                                                                          Page 31 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012



The RSA public and private key pair is generated internally by the modules and is used for TLS
authentication, key transport. The key pair is stored in flash in plaintext and zeroized by the global zeroize
command (“zeroize all”). The RSA key pair can be viewed by the Crypto-Officer in plaintext. At least two
independent actions are required to view the RSA private key.

The X.509 certificates on the hubs and remotes are issued by iDirect’s CA Foundry as per the instructions
in the iBuilder User Guide. These certificates are used in a TRANSEC network for remote and hub unit
validation. The certificates are stored in flash in plaintext and zeroized by the global zeroize command
(“zeroize all”).

The modules perform key agreement during SSH sessions using DH (1024-bit exponent) mechanism. The
DH private key is calculated during session initialization and resides only in volatile memory in plaintext.
The modules do not provide any API to access the DH private key. The private key is zeroized after the
session is over.

The Crypto-Officer and the User enters passwords to request access. The modules store a SHA-1 based
hash value for each password onto the flash and never exports it. The hash value can be zeroized by using
the modules’ zeroization command.

The X9.31 PRNG seed and seed keys are generated from the internal non-FIPS Approved PRNG. These
values are stored in volatile memory and can be destroyed by powering down the modules.



2.8 Self-Tests
If any of the power-up or conditional self-tests fail, the modules write an indicator message in the Event
log, and transitions to an error state in which all interfaces except the console port are disabled. At this
point, data input and data output are inhibited.

An exception to the above paragraph is if the module fails a firmware upgrade test. The firmware upgrade
test causes the module to enter a transient error state, which outputs an error indicator and then transitions
the module to a normal operational state.

The Crypto-Officer may execute on demand self-tests by resetting the module or cycling the modules’
power.

2.8.1 Power-Up Self-Tests
The Secure Satellite Broadband Solutions perform the following self-tests at power-up:

     • Firmware integrity check using a RSA digital signature
     • Known Answer Tests (KATs)
               AES CBC 256-bit key KAT for encrypt/decrypt (FPGA)
               AES CFB 256-bit key KAT for encrypt/decrypt (Firmware)
               Triple-DES CBC KAT for encrypt/decrypt22
               RSA KAT for sign/verify
               X9.31 PRNG KAT

The modules do not perform an independent SHA-1 KAT. The full functionality of the SHA-1
implementation is tested as part of the modules’ firmware integrity test, which uses a FIPS-Approved RSA
digital signature verification mechanism.

22
   The Triple-DES algorithm is not available for use even though the KAT is performed. Failure of this KAT will result
in an error.
VT iDirect Secure Satellite Broadband Solutions                                                                          Page 32 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012




2.8.2 Conditional Self-Tests
The Secure Satellite Broadband Solutions perform the following conditional self-tests:
     • Continuous random number generator test
     • Continuous random number generator test for the entropy gathering
     • RSA pair wise consistency check
     • Firmware upgrade test



2.9 Design Assurance
VT iDirect utilizes Concurrent Versioning Systems (CVS) for its version control system. VT iDirect
maintains a unique branch for each major release and on occasion creates branches for special or
experimental releases. The FIPS-specific version of VT iDirect firmware is maintained on a dedicated
branch, with strict controls on any modification. VT iDirect refers to its entire firmware package as iDX.
VT iDirect maintains all project software, configuration files, documentation, FPGA code, bill of material),
3rd party software, and 3rd party binary executables within its Configuration Management system.

Additionally, Microsoft Visual SourceSafe version 6.0 was used to provide configuration management for
the modules’ FIPS documentation. A revision history is maintained by Visual SourceSafe.

2.10 Mitigation of Other Attacks
This section is not applicable. The modules do not claim to mitigate any attacks beyond the FIPS 140-2
Level 1 requirements for this validation.




VT iDirect Secure Satellite Broadband Solutions                                                                          Page 33 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012




              3                          Secure Operation
The Secure Satellite Broadband Solutions meet overall Level 1 requirements for FIPS 140-2. The sections
below describe how to place and keep the module in FIPS-approved mode of operation.



3.1 Crypto-Officer Guidance
The Crypto-Officer is responsible for installing, configuring, and monitoring the modules. For any
questions or if issues arise at any point during the installation, configuration, and daily operation of
the modules, contact the VT iDirect support teams:
    • For iDirect Government Technologies (iGT) customers, at +1 703 648-8111 or
         http://tac.idirectgt.com.
    • For VT iDirect Customers, +1 703-648-8151 or http://tac.idirect.net.

The Crypto-Officer can access the modules locally over the console port or remotely over a secured
session. Remote secured sessions are provided via TLS, SSH, or the satellite channel.

3.1.1 Initialization
While the modules are shipped with the Linux OS configured for single user mode, they must be
configured for use in a TRANSEC-enabled network using a TRANSEC-enabled Protocol Processor and the
iBuilder application. All network elements that subsequently created under a TRANSEC-enabled protocol
processor will become part of the TRANSEC-compliant network.

This process involves configuring each respective module in iBuilder (entering the device type, serial
number, Satellite and LAN23 IP addresses, db threshold, etc.), uploading the resulting “options file”, issuing
the Certificate Authority (CA) via the CA Foundry utility in the Network Management Server (NMS), un-
checking the “Disable Authentication” option in iBuilder and finally re-uploading the new options file and
resetting each module. The resulting TRANSEC-enabled network operates in the FIPS-Approved mode.
Note that, while operating in the FIPS-Approved mode of operation, no bypass services are supported. In-
depth and detailed guidance for configuring, operating, and maintaining an iDirect satellite network is
detailed in the iDirect Network Management System iBuilder's User Guide.

The Crypto-Officer should monitor the modules’ status by regularly checking the Statistics log information.
If any irregular activity is noticed or the module is consistently having errors, then iDirect Technologies
customer support should be contacted.

3.1.2 Management
According to FIPS 140-2 requirements, the operating system of the modules must be configured in the
single user mode. For a Linux operating system to be in the single user mode, it must meet the following
requirements:
       • All login accounts except “root” should be removed.
       • Network Information Service (NIS) and other named services for users and groups need to be
         disabled.
       • All remote login, remote command execution, and file transfer daemons should be turned off.

iDirect follows the following procedures to configure Linux operating system in single user mode:
    1. Log in as the “root” user.


23
     LAN – Local Area Network
VT iDirect Secure Satellite Broadband Solutions                                                                          Page 34 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012



     2. Edit the system files /etc/passwd and /etc/shadow and remove all the users except “root” and the
        pseudo-users. Make sure the password fields in /etc/shadow for the pseudo-users are either a star
        (*) or double exclamation mark (!!). This prevents login as the pseudo-users.
     3. Edit the system file /etc/nsswitch.conf and make “files” the only option for “passwd”, “group”, and
        “shadow”. This disables NIS and other name services for users and groups.
     4. Reboot the system for the changes to take effect.

When the modules are received by the Crypto-Officer, the Linux operating system has already been
configured in the single user mode. It is suggested that the Crypto-Officer confirm that the above steps
have been taken in order to ensure that the operating system is in fact running in single user mode.

By default the modules are not usable in the network. In order to initialize the modules, the Crypto-Officer
must define the modules in their iBuilder under a TRANSEC enabled protocol processor and generate
options for the modules. For detailed information on initialization, please refer to the iDirect Network
Management System iBuilder's User Guide.

3.2 User Guidance
The User role is able to access the modules over the satellite network and execute commands that are not
security-relevant. See Table 6, Table 7, and Table 8 for a list of commands available to the User role.

3.3 Client User Guidance
The Client User role utilizes the modules’ traffic routing services. The Client User role is implicitly
assumed by a network device or application routing traffic through the modules. There are no special
instructions for the Client User to use the modules securely. The Client User should make sure the network
is configured with TRANSEC feature (i.e. the FIPS mode of operation) before participating in the network.




VT iDirect Secure Satellite Broadband Solutions                                                                          Page 35 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012




              4                          Acronyms
Table 12 lists all of the acronyms used throughout this document.
                                                   Table 12 – Acronyms

             Acronym                                                Definition
                 AES           Advanced Encryption Standard
                ANSI           American National Standards Institute
                 API           Application Programming Interface
                BNC            Bayonet Neill-Concelman connector
                BUC            Block Up-Converter
                 CA            Certificate Authority

                CBC            Cipher Block Chaining

                 CFB           Cipher Feedback Mode
                 CLI           Command Line Interface
               CMVP            Cryptographic Module Validation Program
                CPU            Central Processing Unit
                CSEC           Communications Security Establishment Canada
                 CSP           Critical Security Parameter
                 CVS           Concurrent Versioning System
                 DH            Diffie-Hellman
              DVB-S2           Digital Video Broadcast – Satellite – Second Generation
                EMC            Electromagnetic Compatibility
                 EMI           Electromagnetic Interference
                FIPS           Federal Information Processing Standard
               FPGA            Field Programmable Gate Array
                GPIO           General Purpose Input/Output
                 GPS           Global Positioning System
               HDLC            High-Level Data Link Control
                ICMP           Internet Control Message Protocol
                  IP           Internet Protocol
                KAT            Known Answer Test
                LAN            Local Area Network
                  LC           Line Card
                 LED           Light Emitting Diode
                LNB            Low Noise Block

VT iDirect Secure Satellite Broadband Solutions                                                                          Page 36 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
Security Policy, Version 1.2                                                                                         April 15, 2012




             Acronym                                                Definition
                MAC            Media Access Control
                MHz            Mega Hertz
                MUX            Multiplexer
                 NIS           Network Information Service
                NIST           National Institute of Standards and Technology
                NMS            Network Management Server
                OOB            Out of Band
                  OS           Operating System
                 PCB           Printed Circuit Board
                 PCI           Peripheral Component Interconnect
                PKCS           Public Key Cryptography Standard
               PRNG            Pseudo Random Number Generator
                 QoS           Quality of Service
                  RF           Radio Frequency
                  RJ           Registered Jack
               RS-232          Recommended Standard 232
                 RSA           Rivest Shamir and Adleman
                  Rx           Receiver Coaxial Connector
                SHA            Secure Hash Algorithm
                SMA            SubMiniature version A
                 SSH           Secure Shell
                TDES           Triple Data Encryption Standard
               TDMA            Time Division Multiple Access
                 TLS           Transport Layer Security
            TRANSEC Transmission Security
                  Tx           Transmitter Coaxial Connector
                ULC            Universal Line Card
                VPN            Virtual Private Network




VT iDirect Secure Satellite Broadband Solutions                                                                          Page 37 of 38
                                                    © 2012 VT iDirect, Inc.
              This document may be freely reproduced and distributed whole and intact including this copyright notice.
             Prepared by:
         Corsec Security, Inc.




13135 Lee Jackson Memorial Hwy, Suite 220
            Fairfax, VA 22033
         United States of America

        Phone: +1 (703) 267-6050
         Email: info@corsec.com
         http://www.corsec.com