Dell AP-135, AP-134 manual Introduction, Aruba Dell Relationship, Acronyms and Abbreviations, CPSec

Page 5

1 Introduction

This document constitutes the non-proprietary Cryptographic Module Security Policy for the AP-134, AP- 135 Wireless Access Points with FIPS 140-2 Level 2 validation from Aruba Networks. This security policy describes how the AP meets the security requirements of FIPS 140-2 Level 2, and how to place and maintain the AP in a secure FIPS 140-2 mode. This policy was prepared as part of the FIPS 140-2 Level 2 validation of the product.

FIPS 140-2 (Federal Information Processing Standards Publication 140-2, Security Requirements for Cryptographic Modules) details the U.S. Government requirements for cryptographic modules. More information about the FIPS 140-2 standard and validation program is available on the National Institute of Standards and Technology (NIST) Web-site at:

http://csrc.nist.gov/groups/STM/cmvp/index.html

This document can be freely distributed.

1.1 Aruba Dell Relationship

Aruba Networks is the OEM for the Dell PowerConnect W line of products. Dell products are identical to the Aruba products other than branding and Dell software is identical to Aruba software other than branding.

Table 1 - Corresponding Aruba and Dell Part Numbers

Aruba Part Number

Dell Corresponding Part Number

 

 

AP-134-F1

W-AP134-F1

 

 

AP-135-F1

W-AP135-F1

 

 

NOTE: References to Aruba, ArubaOS, Aruba AP-134 and AP-135 wireless access points apply to both the Aruba and Dell versions of these products and documentation.

1.2 Acronyms and Abbreviations

AES

Advanced Encryption Standard

AP

Access Point

CBC

Cipher Block Chaining

CLI

Command Line Interface

CO

Crypto Officer

CPSec

Control Plane Security protected

CSEC

Communications Security Establishment Canada

CSP

Critical Security Parameter

ECO

External Crypto Officer

EMC

Electromagnetic Compatibility

EMI

Electromagnetic Interference

FE

Fast Ethernet

GE

Gigabit Ethernet

GHz

Gigahertz

HMAC

Hashed Message Authentication Code

Hz

Hertz

IKE

Internet Key Exchange

IPsec

Internet Protocol security

KAT

Known Answer Test

KEK

Key Encryption Key

L2TP

Layer-2 Tunneling Protocol

LAN

Local Area Network

LED

Light Emitting Diode

5

Page 4 Page 6
Image 5
Page 4 Page 6
Contents Fips 140-2 Non-Proprietary Security Policy Page Security Levels Physical Security Aruba Dell Relationship Acronyms and AbbreviationsModes of Operation Operational Environment Logical InterfacesServices Aruba Dell Relationship IntroductionAcronyms and Abbreviations CPSecSHA AP-134 Product OverviewPhysical Description Aruba Part Number Dell Corresponding Part NumberPWR AP-134 Indicator LEDs Label Function Action StatusENET0 ENET1AP-135 AP-135 Indicator LEDs Label Function Action Status Security Levels Module ObjectivesPhysical Security Applying TELsAP-134 Front view 2 AP-134 TEL PlacementAP-134 Top View 3 AP-135 TEL PlacementAP-135 Front view AP-135 Top view Inspection/Testing of Physical Security MechanismsModes of Operation Configuring Remote AP Fips ModeEnable Fips mode on the AP. This accomplished by going to Configuring Remote Mesh Portal Fips Mode Configuring Remote Mesh Point Fips Mode Operational Environment Verify that the module is in Fips modeFips 140-2 Logical Interface Module Physical Interface Logical InterfacesRoles Roles, Authentication and ServicesCrypto Officer Authentication Wireless Client Authentication User AuthenticationStrength of Authentication Mechanisms Authentication Mechanism StrengthWPA2-PSK Crypto Officer Services ServicesWPA2 PSK KEKPMK User ServicesPTK Eapol MICUnauthenticated Services Wireless Client Services∙ FTP ∙ Tftp ∙ NTP Non-FIPS Approved Algorithms Cryptographic AlgorithmsHmac Critical Security ParametersRNG AES-CCM PSKGTK GMKSelf Tests For an AES Atheros hardware Post failure
Top Page Image Contents