Aruba Networks FIPS 140-2 Introduction, Aruba Dell Relationship, Acronyms and Abbreviations, GHz

Page 5

1Introduction

This document constitutes the non-proprietary Cryptographic Module Security Policy for the AP-120 series Wireless Access Points with FIPS 140-2 Level 2 validation from Aruba Networks. This security policy describes how the AP meets the security requirements of FIPS 140-2 Level 2, and how to place and maintain the AP in a secure FIPS 140-2 mode. This policy was prepared as part of the FIPS 140-2 Level 2 validation of the product.

FIPS 140-2 (Federal Information Processing Standards Publication 140-2, Security Requirements for Cryptographic Modules) details the U.S. Government requirements for cryptographic modules. More information about the FIPS 140-2 standard and validation program is available on the National Institute of Standards and Technology (NIST) Web-site at:

http://csrc.nist.gov/groups/STM/cmvp/index.html

This document can be freely distributed.

1.1 Aruba Dell Relationship

Aruba Networks is the OEM for the Dell PowerConnect W line of products. Dell products are identical to the Aruba products other than branding and Dell firmware is identical to Aruba firmware other than branding.

Table 1 - Corresponding Aruba and Dell Part Numbers

Aruba Part Number

Dell Corresponding Part Number

 

 

AP-124-F1

W-AP124-F1

 

 

AP-125-F1

W-AP125-F1

 

 

NOTE: References to Aruba, ArubaOS, Aruba AP-120 Series wireless access points apply to both the Aruba and Dell versions of these products and documentation.

1.2 Acronyms and Abbreviations

AES

Advanced Encryption Standard

AP

Access Point

CBC

Cipher Block Chaining

CLI

Command Line Interface

CO

Crypto Officer

CPSec

Control Plane Security protected

CSEC

Communications Security Establishment Canada

CSP

Critical Security Parameter

ECO

External Crypto Officer

EMC

Electromagnetic Compatibility

EMI

Electromagnetic Interference

FE

Fast Ethernet

GE

Gigabit Ethernet

GHz

Gigahertz

HMAC

Hashed Message Authentication Code

Hz

Hertz

IKE

Internet Key Exchange

IPSec

Internet Protocol security

KAT

Known Answer Test

KEK

Key Encryption Key

L2TP

Layer-2 Tunneling Protocol

Page 4 Page 6
Image 5
Page 4 Page 6
Contents Fips 140-2 Non-Proprietary Security Policy Page Aruba Dell Relationship Acronyms and Abbreviations ServicesAruba AP-120 Series Security Levels Physical SecurityPage Aruba Dell Relationship IntroductionAcronyms and Abbreviations GHzLAN Aruba AP-120 Series Product OverviewPhysical Description Aruba Part Number Dell Corresponding Part NumberEnet Indicator LEDs Label Function Action StatusPWR Label Function Action Status Security Levels Module ObjectivesPhysical Security Applying TELsAP-124 Front view Aruba AP-124 TEL PlacementAP-124 Back view AP-124 Bottom view Aruba AP-125 TEL PlacementAP-125 Front view AP-125 Right view AP-125 Bottom view Inspection/Testing of Physical Security MechanismsModes of Operation Configuring Remote AP Fips ModeEnable Fips mode on the AP. This accomplished by going to Configuring Remote Mesh Portal Fips Mode Configuring Remote Mesh Point Fips Mode Operational Environment Verify that the module is in Fips modeFips 140-2 Logical Interfaces Module Physical Interface Logical InterfacesRoles Roles, Authentication and ServicesCrypto Officer Authentication Wireless Client Authentication User AuthenticationStrength of Authentication Mechanisms Authentication Mechanism StrengthWPA2-PSK Crypto Officer Services ServicesService Description CSPs Accessed see section WPA2 PSKService User ServicesService Description CSPs Wireless Client Services ∙ FTP ∙ Tftp ∙ NTP Unauthenticated ServicesNon-FIPS Approved Algorithms Cryptographic AlgorithmsHmac Critical Security ParametersRNG AES-CCM PSKPTK GTK GMKSelf Tests For an AES Cavium hardware Post failure
Top Page Image Contents