Non-Proprietary Security Policy, Version 0.18
May 25, 2007
Nortel VPN Router 600, 1700, 1750, 2700, and 5000
Page 19 of 23
© 2007 Nortel Networks
This document may be freely reproduced and distributed whole and intact including this copyright notice.
2 Secure Operation
The VPN Router 600, 1700, 1750, 2700, and 5000 meets Level 2 requirements for FIPS 140-2. The sections below
describe how to place and keep the module in FIPS-approved mode of operation.
2.1 Initial Setup
Before enabling FIPS Mode, the tamper evident labels must be applied as shown below. For more details on steps
for applying, monitoring and logging the tamper evidence labels see Chapter 2, "Labeling the Contivity Secure IP
Services Gateway", of the Using Contivity Secure IP Services Gateways in FIPS Mode document.
The Nortel VPN Router 600 requires one tamper-evident label covering rear panel and the top side.
Figure 7 - Tamper evidence label for top cover of 600
To seal the Nortel VPN Router 1700, 1750, and 2700, three tamper-evident labels need to be placed on the front
bezel. A label should be put on each of the two bezel screws and another should be overlapped on the center section
and bezel.
Figure 8 - Tamper evidence label for 1700, 1750, and 2700