Chapter 9: Security Management200Note: When using the P2CIM-AUSBDUAL or P2CIM-APS2DUAL toattach a target to two Dominion KX IIs, if Private access to the targets isrequired, both KVM switches must have Private set as their PC ShareMode.See Supported Paragon CIMS and Configurations (on page 267) foradditional information on using Paragon CIMs with the Dominion KX II.Checking Your Browser for AES EncryptionThe Dominion KX II supports AES-256. If you do not know if yourbrowser uses AES, check with the browser manufacturer or navigate tothe https://www.fortify.net/sslcheck.html website using the browser withthe encryption method you want to check. This website detects yourbrowser's encryption method and displays a report.Note: IE6 does not support AES 128 or 256-bit encryption.AES 256 Prerequisites and Supported ConfigurationsAES 256-bit encryption is supported on the following web browsers only: Firefox® 2.0.0.x and 3 Mozilla® 1.7.13 Internet Explorer® 7 and 8In addition to browser support, AES 256-bit encryption requires theinstallation of Java™ Cryptography Extension (JCE) Unlimited StrengthJurisdiction Policy Files.Jurisdiction files for various JREs™ are available at the “other downloads”section of the following link: JRE1.6 - http://java.sun.com/javase/downloads/index_jdk5.jspEnabling FIPS 140-2For government and other high security environments, enabling FIPS140-2 mode may be desirable. The Dominion KX II uses an embeddedFIPS 140-2-validated cryptographic module running on a Linux® platformper FIPS 140-2 Implementation Guidance section G.5 guidelines. Oncethis mode is enabled, the private key used to generate the SSLcertificates must be internally generated; it cannot be downloaded orexported.To enable FIPS 140-2:1. Access the Encryption & Share page (see Encryption & Share (onpage 197)).