BlackBerry Forums Support Community               

Closed Thread
 
LinkBack Thread Tools
Old 09-13-2006, 01:22 PM   #1 (permalink)
Talking BlackBerry Encyclopedia
 
Join Date: Mar 2005
Location: Washington DC
Model: all
Carrier: All carrier's
Posts: 315
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default fips 140-2

Please Login to Remove!

i have looked for hours!!!

does anyone know how I can get a listing of what the FIPS 140-1 template is for the BES.

I need to see what the actual settings are for this it policy. My CIO is working me to death today!!! I searched blackberry.com website for hours... and have not been able to view the properties... in the old console you could view the settings, but this new one...geesh...

please help.
Offline  
Old 09-13-2006, 01:36 PM   #2 (permalink)
Thumbs Must Hurt
 
Join Date: Mar 2006
Model: 8800c
Carrier: Cingular
Posts: 112
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

I'm not 100% what you're looking for, but I've got the old console installed and this is what it has for the FIPS Level IT Policy options. I hope it helps.



Specify the level of Federal Information Processing Standard (FIPS) compliance.

Level 1: You can apply Level 1 compliance to Java-based BlackBerry devices using BlackBerry Device Software version 3.3.0 and later. Level 1 compliance affects the BlackBerry Cryptographic Kernel, which is the embedded cryptographic module required for basic operation of the BlackBerry device.

Level 2: You can apply Level 2 compliance to Java-based BlackBerry devices using BlackBerry device software version 4.0 and later. Level 2 compliance affects only the BlackBerry device software and does not result in the BlackBerry device meeting FIPS 140-2 Level 2 hardware security requirements.

Warning: Selecting Level 2 prevents WTLS from using the RC5 cipher, which can result in problems using the WTLS protocol.

Set this rule to Level 2 to force all BlackBerry device software to operate in a FIPS-compliant mode of operation and enforce the following IT policy rules with these values:
Password Required = True
Minimum Password Length >= 5 characters
Suppress Password Echo = True
SMIME Allowed Content Ciphers = AES (256-bit)
AES (192-bit)
AES (128-bit)
Triple DES
TLS Restrict FIPS Ciphers = True
PGP Allowed Content Ciphers = AES (256-bit)
AES (192-bit)
AES (128-bit)
Triple DES
Disallow Third Party Application Downloads = True

This rule can have one of the following values:

1 - FIPS 140-2 Level 1 compliance
2 - FIPS 140-2 Level 2 compliance

If you do not set this rule, a default value of 1 will be used.

This rule applies only to Java-based BlackBerry devices version 4.0.0 and higher.
Offline  
Old 09-13-2006, 02:00 PM   #3 (permalink)
Talking BlackBerry Encyclopedia
 
Join Date: Mar 2005
Location: Washington DC
Model: all
Carrier: All carrier's
Posts: 315
Post Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by edonin
I'm not 100% what you're looking for, but I've got the old console installed and this is what it has for the FIPS Level IT Policy options. I hope it helps.



Specify the level of Federal Information Processing Standard (FIPS) compliance.

Level 1: You can apply Level 1 compliance to Java-based BlackBerry devices using BlackBerry Device Software version 3.3.0 and later. Level 1 compliance affects the BlackBerry Cryptographic Kernel, which is the embedded cryptographic module required for basic operation of the BlackBerry device.

Level 2: You can apply Level 2 compliance to Java-based BlackBerry devices using BlackBerry device software version 4.0 and later. Level 2 compliance affects only the BlackBerry device software and does not result in the BlackBerry device meeting FIPS 140-2 Level 2 hardware security requirements.

Warning: Selecting Level 2 prevents WTLS from using the RC5 cipher, which can result in problems using the WTLS protocol.

Set this rule to Level 2 to force all BlackBerry device software to operate in a FIPS-compliant mode of operation and enforce the following IT policy rules with these values:
Password Required = True
Minimum Password Length >= 5 characters
Suppress Password Echo = True
SMIME Allowed Content Ciphers = AES (256-bit)
AES (192-bit)
AES (128-bit)
Triple DES
TLS Restrict FIPS Ciphers = True
PGP Allowed Content Ciphers = AES (256-bit)
AES (192-bit)
AES (128-bit)
Triple DES
Disallow Third Party Application Downloads = True

This rule can have one of the following values:

1 - FIPS 140-2 Level 1 compliance
2 - FIPS 140-2 Level 2 compliance

If you do not set this rule, a default value of 1 will be used.

This rule applies only to Java-based BlackBerry devices version 4.0.0 and higher.
thats perfect! thanks a million...Are those the ONLY settings for these templates? I would think it would be a whole slew of them.. especially since the templates for 4.1 has a 800 page manual. There has to be a way to at least view the template for v4.1...
Offline  
Closed Thread


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On





Copyright 2004-2014 BlackBerryForums.com.
The names RIM and BlackBerry are registered Trademarks of BlackBerry Inc.