Chapter 4: KX III Administrator Help163FIPS 140-2 Support RequirementsThe KX III supports the use of FIPS 140-2 approved encryptionalgorithms. This allows an SSL server and client to successfullynegotiate the cipher suite used for the encrypted session when a client isconfigured for FIPS 140-2 only mode.Following are the recommendations for using FIPS 140-2 with the KX III:KX III Set the Encryption & Share to Auto on the Security Settings page.See Encryption & Share.Microsoft Client FIPS 140-2 should be enabled on the client computer and in InternetExplorer.To enable FIPS 140-2 on a Windows client:1. Select Control Panel > Administrative Tools > Local Security Policyto open the Local Security Settings dialog.2. From the navigation tree, select Select Local Policies > SecurityOptions.3. Enable "System Cryptography: Use FIPS compliant algorithms forencryption, hashing and signing".4. Reboot the client computer.To enable FIPS 140-2 in Internet Explorer:1. In Internet Explorer, select Tools > Internet Options and click on theAdvanced tab.2. Select the Use TLS 1.0 checkbox.3. Restart the browser.Configuring IP Access ControlUsing IP access control, you control access to your KX III. Note that IPaccess control restricts traffic of any kind from accessing the KX III, soNTP servers, RADIUS hosts, DNS hosts and so on must be grantedaccess to the KX III.By setting a global Access Control List (ACL) you are ensuring that yourdevice does not respond to packets being sent from disallowed IPaddresses. The IP access control is global, affecting the KX III as awhole, but you can also control access to your device at the group level.See Group-Based IP ACL (Access Control List) (on page 60) for moreinformation about group-level control.Important: IP address 127.0.0.1 is used by the KX III local port. When