Dell W-AP93, W- AP92, W-AP105, AP-92, AP-175 manual Wireless Client Services, Unauthenticated Services

Page 37

Service

Description

CSPs Accessed (see section 6

 

 

below for complete description of

 

 

CSPs)

 

 

 

 

 

 

∙ 802.11i AES-CCM key

 

 

802.11i GMK

 

 

802.11i GTK

 

 

 

 

Use of WPA pre-shared key for

When the module is in mesh

 

 

establishment of IEEE 802.11i

configuration, the inter-module

WPA2 PSK

keys

mesh links are secured with

 

 

 

802.11i. This is authenticated

 

 

 

with a shared secret

 

 

 

 

 

 

4.2.3 Wireless Client Services

The following module services are provided for the Wireless Client role in each of FIPS approved modes defined in section 3.3.

Service

Description

CSPs Accessed (see section 6

 

 

below for complete description of

 

 

CSPs)

 

 

 

 

 

Generation and use of 802.11i

In all modes, the links between

802.11i PMK

cryptographic keys

the module and wireless client are

802.11i PTK

 

secured with 802.11i.

 

 

 

 

 

802.11i EAPOL MIC

 

 

 

Key

 

 

802.11i EAPOL

 

 

 

Encryption Key

 

 

∙ 802.11i AES-CCM key

 

 

802.11i GMK

 

 

802.11i GTK

 

 

 

 

Use of WPA pre-shared key for

When the module is in advanced

 

 

establishment of IEEE 802.11i

Remote AP configuration, the

WPA2 PSK

keys

links between the module and the

 

 

 

wireless client are secured with

 

 

 

802.11i. This is authenticated

 

 

 

with a shared secret only.

 

 

 

 

 

 

Wireless bridging services

The module bridges traffic

 

 

 

between the wireless client and

None

 

the wired network.

 

 

 

 

 

 

 

4.2.4 Unauthenticated Services

The module provides the following unauthenticated services, which are available regardless of role. No CSPs are accessed by these services.

37

Image 37
Contents Version Feb Aruba Networks Crossman Ave Sunnyvale, CA Page AP-105 Series Aruba Dell Relationship Acronyms and AbbreviationsAP-175 Series Security Levels Physical SecurityROLES, Authentication and Services Aruba Dell Relationship IntroductionAcronyms and Abbreviations IPSec GHzAP-92 Product OverviewPhysical Description Aruba Part Number Dell Corresponding Part NumberPWR AP-92 Indicator LEDs Label Function Action StatusEnet Label Function Action Status AP-93AP-93 Indicator LEDs Label Function Action Status AP-105 Series AP-105 Wireless Access PointAP-105 Indicator LEDs Label Function Action Status AP-175 Series AP-175 Wireless Access PointPhysical Description Function Action Status Position AP-175 Indicator LEDs LabelSecurity Levels Module ObjectivesPhysical Security Applying TELsAP-92 Tel placement front view 2 AP-92 TEL PlacementAruba AP-92 Tel placement right view Aruba AP-92 Tel placement bottom view 3 AP-93 TEL PlacementAruba AP-93 Tel placement left view Aruba AP-93 Tel placement top view 4 AP-105 TEL PlacementAruba AP-105 Tel placement left view Aruba AP-105 Tel placement bottom view 5 AP-175 TEL PlacementAruba AP-175 Tel placement back view Aruba AP-175 Tel placement top view Inspection/Testing of Physical Security MechanismsModes of Operation Configuring Remote AP Fips ModeEnable Fips mode on the AP. This accomplished by going to Configuring Remote Mesh Portal Fips Mode Configuring Remote Mesh Point Fips Mode Operational Environment Verify that the module is in Fips modeFips 140-2 Logical Interfaces Module Physical Interface Logical InterfacesCrypto Officer Authentication Roles, Authentication and ServicesRoles Wireless Client Authentication User AuthenticationStrength of Authentication Mechanisms Authentication Mechanism StrengthWPA2-PSK Crypto Officer Services ServicesWPA2 PSK KEKPMK User ServicesPTK Eapol MICUnauthenticated Services Wireless Client Services∙ FTP ∙ Tftp ∙ NTP Non-FIPS Approved Algorithms Cryptographic AlgorithmsHmac Critical Security ParametersRNG AES-CCM PSKGTK GMKSelf Tests For an AES Atheros hardware Post failure