Appendix D: FAQs231SecurityQuestion AnswerWhat kind of encryptiondoes Dominion KX IIuse?Dominion KX II uses industry-standard (and extremely secure) 128-bitRC4 or AES encryption, both in its SSL communications as well as itsown data stream. Literally no data is transmitted between remoteclients and Dominion KX II that is not completely secured byencryption.Does Dominion KX IIsupport AES encryptionas recommended by theUS Government's NISTand FIPs standards?The Dominion KX II utilizes the Advanced Encryption Standard (AES)encryption for added security.AES is a US government approved cryptographic algorithm that isrecommended by the National Institute of Standards and Technology(NIST) in the FIPS Standard 197.Does Dominion KX IIallow encryption ofvideo data? Or does itonly encrypt keyboardand mouse data?Unlike competing solutions, which only encrypt keyboard and mousedata, Dominion KX II does not compromise security - it allowsencryption of keyboard, mouse and video data.How does Dominion KXII integrate with externalauthentication serverssuch as Active Directory,RADIUS, or LDAP?Through a very simple configuration, Dominion KX II can be set toforward all authentication requests to an external server such as LDAP,Active Directory, or RADIUS. For each authenticated user, DominionKX II receives from the authentication server the user group to whichthat user belongs. Dominion KX II then determines the user's accesspermissions depending on the user group to which he or she belongs.How are usernames andpasswords stored?Should Dominion KX II's internal authentication capabilities be used,all sensitive information such as usernames and passwords are storedin an encrypted format. Literally no one, including Raritan technicalsupport or Product Engineering departments, can retrieve thoseusernames and passwords.Does Dominion KX IIsupport strongpassword?Yes. The Dominion KX II has administrator-configurable, strongpassword checking to ensure that user-created passwords meetcorporate and/or government standards and are resistant to brute forcehacking.