image image image image image

On This Page

Our switch systems, by default, work with NIST SP 800-131A, as described in the table below. 

This appendix describes how to enhance the security of a system in order to comply with the NIST SP 800-131A standard. This standard is a document which defines cryptographically “acceptable” technologies. This document explains how to protect against possible cryptographic vulnerabilities in the system by using secure methods. Because of compatibility issues, this security state is not the default of the system and it should be manually set.

Some protocols, however, cannot be operated in a manner that complies with the NIST SP 800-131A standard.

ComponentConfigurationCommand
HTTPHTTP disabledno web http enable
HTTPSHTTPS enabledno web https enable
SSL ciphers = TLS1.2web https ssl ciphers all
SSL renegotiation disabledweb https ssl renegotiation enable
SSHSSH version = 2ssh server min-version 1
SSH ciphers = aes256-ctr, aes192-ctr, aes128-ctr,
aes128-gcm@openssh.com, aes256-gcm@openssh.com		no ssh server security strict



Web Certificate

The OS supports signature generation of sha256WithRSAEncryption, sha1WithRSAEncryption self-signed certificates, and importing certificates as text in PEM format.

To configure a default certificate:

  1. Create a new sha256 certificate.

    switch (config) # crypto certificate name <cert name> generate self-signed hash-algorithm sha256

    For more details and parameters refer to the command “crypto certificate name”.

  2. Show crypto certificate detail. 

    switch (config) # show crypto certificate detail

    Search for “signature algorithm” in the output.

  3. Set this certificate as the default certificate. Run: 

    switch (config) # crypto certificate default-cert name <cert name>

To configure default parameters and create a new certificate:

  1. Define the default hash algorithm.

    switch (config) # crypto certificate generation default hash-algorithm sha256

  2. Generate a new certificate with default values.

    switch (config) # crypto certificate name <cert name> generate self-signed

    When no options are selected, the generated certificate uses the default values for each field.

To test strict mode connect to the WebUI using HTTPS and get the certificate. Search for “signature algorithm”. 

There are other ways to configure the certificate to sha256. For example, it is possible to use “certificate generation default hash-algorithm” and then regenerate the certificate using these default values. 

It is recommended to delete browsing data and previous certificates before retrying to connect to the WebUI.

Make sure not to confuse “signature algorithm” with “Thumbprint algorithm”.

SNMP

SNMPv3 supports configuring username, authentication keys and privacy keys. For authentication keys it is possible to use MD5 or SHA. For privacy keys AES or DES are to be used.

To configure strict mode, create a new user with HMAC-SHA1-96 and AES-128. Run: 

switch (config) # snmp-server user <username> v3 auth sha <password1> priv aes-128 <password2>

To verify the user in the CLI, run: 

switch (config) # show snmp user

To test strict mode, configure users and check them using the CLI, then run an SNMP request with the new users.

SNMPv1 and SNMPv2 are not considered to be secure. To run in strict mode, only use SNMPv3.

HTTPS

By default, the OS supports HTTPS encryption using TLS1.2 only. Working in TLS1.2 mode also bans MD5 ciphers which are not allowed per NIST 800-131a. In strict mode, the switch supports encryption with TLS1.2 only with the following supported ciphers:

  • RSA_WITH_AES_128_CBC_SHA256
  • RSA_WITH_AES_256_CBC_SHA256
  • DHE_RSA_WITH_AES_128_CBC_SHA256
  • DHE_RSA_WITH_AES_256_CBC_SHA256
  • TLS_RSA_WITH_AES_128_GCM_SHA256
  • TLS_RSA_WITH_AES_256_GCM_SHA384
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384

To enable all encryption methods, run:

switch (config) # web https ssl ciphers all

To enable only TLS ciphers (enabled by default), run:

switch (config) # web https ssl ciphers TLS

To enable HTTPS strict mode, run:

switch (config) # web https ssl ciphers TLS1.2

To verify which encryption methods are used, run: 

switch (config)# show web
Web User Interface:
 Web interface enabled: yes
 HTTP enabled: yes
 HTTP port: 80
 HTTP redirect to HTTPS: no
 HTTPS enabled: yes
 HTTPS port: 443
 HTTPS ssl-ciphers: TLS1.2
 HTTPS certificate name: default-cert
 Listen enabled: yes
 No Listen Interfaces.

 Inactivity timeout: disabled
 Session timeout: 2 hr 30 min
 Session renewal: 30 min

Web file transfer proxy:
 Proxy enabled: no

Web file transfer certificate authority:
 HTTPS server cert verify: yes
 HTTPS supplemental CA list: default-ca-list

On top of enabling HTTPS, to prevent security breaches HTTP must be disabled.

To disable HTTP, run: 

switch (config) # no web http enable

Code Signing

Code signing is used to verify that the data in the image is not modified by any third-party. The operating system supports signing the image files with SHA256, RSA2048 using GnuPG. 

Strict mode is operational by default.

SSH

The SSH server on the switch by default uses secure ciphers only, message authentication code (MAC), key exchange methods, and public key algorithm. When configuring SSH server to strict mode, the aforementioned security methods only use approved algorithms as detailed in the NIST 800-181A specification and the user can connect to the switch via SSH in strict mode only.

To enable strict security mode, run the following: 

switch (config) # ssh server security strict

The following ciphers are disabled for SSH when strict security is enabled:

  • 3des-cbc
  • aes256-cbc
  • aes192-cbc
  • aes128-cbc
  • rijndael-cbc@lysator.liu.se

The no form of the command disables strict security mode.

Make sure to configure the SSH server to work with minimum version 2 since 1 is vulnerable to security breaches.

To configure min-version to strict mode, run: 

switch (config) # ssh server min-version 2

Once this is done, the user cannot revert back to minimum version 1.

LDAP

By default, the switches support LDAP encryption SSL version 3 or TLS1.0 up to TLS1.2. The only banned algorithm is MD5 which is not allowed per NIST 800-131a. In strict mode, the switch supports encryption with TLS1.2 only with the following supported ciphers:

  • DHE-DSS-AES128-SHA256
  • DHE-RSA-AES128-SHA256
  • DHE-DSS-AES128-GCM-SHA256
  • DHE-RSA-AES128-GCM-SHA256
  • DHE-DSS-AES256-SHA256
  • DHE-RSA-AES256-SHA256
  • DHE-DSS-AES256-GCM-SHA384
  • DHE-RSA-AES256-GCM-SHA384
  • ECDH-ECDSA-AES128-SHA256
  • ECDH-RSA-AES128-SHA256
  • ECDH-ECDSA-AES128-GCM-SHA256
  • ECDH-RSA-AES128-GCM-SHA256
  • ECDH-ECDSA-AES256-SHA384
  • ECDH-RSA-AES256-SHA384
  • ECDH-ECDSA-AES256-GCM-SHA384
  • ECDH-RSA-AES256-GCM-SHA384
  • ECDHE-ECDSA-AES128-SHA256
  • ECDHE-RSA-AES128-SHA256
  • ECDHE-ECDSA-AES128-GCM-SHA256
  • ECDHE-RSA-AES128-GCM-SHA256
  • ECDHE-ECDSA-AES256-SHA384
  • ECDHE-RSA-AES256-SHA384
  • ECDHE-ECDSA-AES256-GCM-SHA384
  • ECDHE-RSA-AES256-GCM-SHA384
  • AES128-SHA256
  • AES128-GCM-SHA256
  • AES256-SHA256
  • AES256-GCM-SHA384

To enable LDAP strict mode, run the following: 

switch (config) # ldap ssl mode {start-tls | ssl}


Both modes operate using SSL. The different lies in the connection initialization and the port used.