Dell W-AP93, W- AP92, W-AP105 Introduction, Aruba Dell Relationship, Acronyms and Abbreviations

Page 5

1 Introduction

This document constitutes the non-proprietary Cryptographic Module Security Policy for the AP-92, AP- 93, AP-105 and AP-175 Wireless Access Points with FIPS 140-2 Level 2 validation from Aruba Networks. This security policy describes how the AP meets the security requirements of FIPS 140-2 Level 2, and how to place and maintain the AP in a secure FIPS 140-2 mode. This policy was prepared as part of the FIPS 140-2 Level 2 validation of the product.

FIPS 140-2 (Federal Information Processing Standards Publication 140-2, Security Requirements for Cryptographic Modules) details the U.S. Government requirements for cryptographic modules. More information about the FIPS 140-2 standard and validation program is available on the National Institute of Standards and Technology (NIST) Web-site at:

http://csrc.nist.gov/groups/STM/cmvp/index.html

This document can be freely distributed.

1.1 Aruba Dell Relationship

Aruba Networks is the OEM for the Dell PowerConnect W line of products. Dell products are identical to the Aruba products other than branding and Dell software is identical to Aruba software other than branding.

Table 1 - Corresponding Aruba and Dell Part Numbers

Aruba Part Number

Dell Corresponding Part Number

 

 

AP-92-F1

W-AP92-F1

 

 

AP-93-F1

W-AP93-F1

 

 

AP-105-F1

W-AP105-F1

 

 

AP-175P-F1

W-AP175P-F1

 

 

AP-175AC-F1

W-AP175AC-F1

 

 

AP-175DC-F1

W-AP175DC-F1

 

 

NOTE: References to Aruba, ArubaOS, Aruba AP-92, Aruba AP-93, Aruba AP-105 and Aruba AP-175 wireless access points apply to both the Aruba and Dell versions of these products and documentation.

1.2 Acronyms and Abbreviations

AES

Advanced Encryption Standard

AP

Access Point

CBC

Cipher Block Chaining

CLI

Command Line Interface

CO

Crypto Officer

CPSec

Control Plane Security protected

CSEC

Communications Security Establishment Canada

CSP

Critical Security Parameter

ECO

External Crypto Officer

EMC

Electromagnetic Compatibility

EMI

Electromagnetic Interference

FE

Fast Ethernet

5

Page 4 Page 6
Image 5
Page 4 Page 6
Contents Version Feb Aruba Networks Crossman Ave Sunnyvale, CA Page AP-105 Series Aruba Dell Relationship Acronyms and AbbreviationsAP-175 Series Security Levels Physical SecurityROLES, Authentication and Services Acronyms and Abbreviations IntroductionAruba Dell Relationship IPSec GHzAP-92 Product OverviewPhysical Description Aruba Part Number Dell Corresponding Part NumberEnet AP-92 Indicator LEDs Label Function Action StatusPWR Label Function Action Status AP-93AP-93 Indicator LEDs Label Function Action Status AP-105 Series AP-105 Wireless Access PointAP-105 Indicator LEDs Label Function Action Status AP-175 Series AP-175 Wireless Access PointPhysical Description Function Action Status Position AP-175 Indicator LEDs LabelSecurity Levels Module ObjectivesPhysical Security Applying TELsAP-92 Tel placement front view 2 AP-92 TEL PlacementAruba AP-92 Tel placement right view Aruba AP-92 Tel placement bottom view 3 AP-93 TEL PlacementAruba AP-93 Tel placement left view Aruba AP-93 Tel placement top view 4 AP-105 TEL PlacementAruba AP-105 Tel placement left view Aruba AP-105 Tel placement bottom view 5 AP-175 TEL PlacementAruba AP-175 Tel placement back view Aruba AP-175 Tel placement top view Inspection/Testing of Physical Security MechanismsModes of Operation Configuring Remote AP Fips ModeEnable Fips mode on the AP. This accomplished by going to Configuring Remote Mesh Portal Fips Mode Configuring Remote Mesh Point Fips Mode Operational Environment Verify that the module is in Fips modeFips 140-2 Logical Interfaces Module Physical Interface Logical InterfacesRoles Roles, Authentication and ServicesCrypto Officer Authentication Wireless Client Authentication User AuthenticationStrength of Authentication Mechanisms Authentication Mechanism StrengthWPA2-PSK Crypto Officer Services ServicesWPA2 PSK KEKPMK User ServicesPTK Eapol MICUnauthenticated Services Wireless Client Services∙ FTP ∙ Tftp ∙ NTP Non-FIPS Approved Algorithms Cryptographic AlgorithmsHmac Critical Security ParametersRNG AES-CCM PSKGTK GMKSelf Tests For an AES Atheros hardware Post failure
Top Page Image Contents