Chapter 8: Security Management139FIPS 140-2 Support RequirementsThe KX II-101-V2 supports the use of FIPS 140-2 approved encryptionalgorithms. This allows an SSL server and client to successfullynegotiate the cipher suite used for the encrypted session when a client isconfigured for FIPS 140-2 only mode.Following are the recommendations for using FIPS 140-2 with the KX II-101-V2:KX II-101-V2 Set the Encryption & Share to Auto on the Security Settings page.See Encryption & Share.Microsoft Client FIPS 140-2 should be enabled on the client computer and in InternetExplorer.To enable FIPS 140-2 on a Windows client:1. Select Control Panel > Administrative Tools > Local Security Policyto open the Local Security Settings dialog.2. From the navigation tree, select Select Local Policies > SecurityOptions.3. Enable "System Cryptography: Use FIPS compliant algorithms forencryption, hashing and signing".4. Reboot the client computer.To enable FIPS 140-2 in Internet Explorer:1. In Internet Explorer, select Tools > Internet Options and click on theAdvanced tab.2. Select the Use TLS 1.0 checkbox.3. Restart the browser.Configuring IP Access ControlUsing IP access control, you can control access to your KX II-101-V2. Bysetting a global Access Control List (ACL) you are by ensuring that yourdevice does not respond to packets being sent from disallowed IPaddresses.Important: IP address 127.0.0.1 is used by the KX II-101-V2 localport. When creating an IP Access Control list, if 127.0.0.1 is withinthe range of IP addresses that are blocked, you will not have accessto the KX II-101-V2 local port.
