Page 5 - Introduction; Aruba Dell Relationship; Table 1 - Corresponding Aruba and Dell Part Numbers; Acronyms and Abbreviations; CPSec
5 1 Introduction This document constitutes the non-proprietary Cryptographic Module Security Policy for the AP-134, AP-135 Wireless Access Points with FIPS 140-2 Level 2 validation from Aruba Networks. This security policy describes how the AP meets the security requirements of FIPS 140-2 Level 2, a...
Page 7 - Product Overview; Aruba Part Number; Interfaces
7 2 Product Overview This section introduces the various Aruba Wireless Access Points, providing a brief overview and summary of the physical features of each model covered by this FIPS 140-2 security policy. 2.1 AP-134 This section introduces the Aruba AP-134 Wireless Access Point (AP) with FIPS 14...
Page 11 - Module Objectives; Security Levels; Section Section Title; Physical Security
11 3 Module Objectives This section describes the assurance levels for each of the areas described in the FIPS 140-2 Standard. In addition, it provides information on placing the module in a FIPS 140-2 approved configuration. 3.1 Security Levels Section Section Title Level 1 Cryptographic Module Sp...
Page 12 - To detect opening of the chassis cover:; To detect access to restricted ports
12 3.2.2 AP-134 TEL Placement This section displays all the TEL locations of the Aruba AP-134. The AP-134 requires a minimum of 5 TELs to be applied as follows: 3.2.2.1 To detect opening of the chassis cover: 1. Spanning the bottom and top chassis covers and placed in the front left corner 2. Spanni...
Page 16 - Modes of Operation
16 3.3 Modes of Operation The module has the following FIPS approved modes of operation: • Remote AP (RAP) FIPS mode – When the module is configured as a Remote AP, it is intended to be deployed in a remote location (relative to the Mobility Controller). The module provides cryptographic processing...
Page 17 - Configuration > Controller > Control Plane Security
17 6. If the staging controller does not provide PoE, either ensure the presence of a PoE injector for the LAN connection between the module and the controller, or ensure the presence of a DC power supply appropriate to the particular model of the module. 7. Connect the module via an Ethernet cable ...
Page 18 - Configuring Remote Mesh Portal FIPS Mode
18 7. Connect the module via an Ethernet cable to the staging controller; note that this should be a direct connection, with no intervening network or devices; if PoE is being supplied by an injector, this represents the only exception. That is, nothing other than a PoE injector should be present be...
Page 19 - Configuring Remote Mesh Point FIPS Mode
19 Section “Provisioning an Individual AP” of Chapter “The Basic User-Centric Networks” of the Aruba OS User Guide. Click “Apply and Reboot” to complete the provisioning process. a. During the provisioning process as Remote Mesh Portal, if Pre-shared key is selected to be the Remote IP Authenticatio...
Page 20 - Verify that the module is in FIPS mode; Operational Environment
20 represents the only exception. That is, nothing other than a PoE injector should be present between the module and the staging controller. 8. Once the module is connected to the controller by the Ethernet cable, navigate to the Configuration > Wireless > AP Installation page, where you shou...
Page 21 - Logical Interfaces; FIPS 140-2 Logical Interface
21 3.5 Logical Interfaces The physical interfaces are divided into logical interfaces defined by FIPS 140-2 as described in the following table. FIPS 140-2 Logical Interface Module Physical Interface Data Input Interface 10/100/1000 Ethernet Ports 802.11a/b/g/n Radio Transceiver Data Output Interfa...
Page 22 - Roles, Authentication and Services
22 4 Roles, Authentication and Services 4.1 Roles The module supports the roles of Crypto Officer, User, and Wireless Client; no additional roles (e.g., Maintenance) are supported. Administrative operations carried out by the Aruba Mobility Controller map to the Crypto Officer role. The Crypto Offic...
Page 23 - Strength of Authentication Mechanisms; Mechanism Strength
23 4.1.2 User Authentication Authentication for the User role depends on the module configuration. When the module is configured as a Remote Mesh Portal FIPS mode and Remote Mesh Point FIPS mode, the User role is authenticated via the WPA2 pre-shared key. When the module is configured as a Remote AP...
Page 29 - Cryptographic Algorithms; Non-FIPS Approved Algorithms
29 5 Cryptographic Algorithms FIPS-approved cryptographic algorithms have been implemented in hardware and firmware. The firmware supports the following cryptographic implementations. ArubaOS OpenSSL AP Module implements the following FIPS-approved algorithms: o AES (Cert. #1851) o HMAC (Cert. #10...
Page 30 - Critical Security Parameters
30 6 Critical Security Parameters The following Critical Security Parameters (CSPs) are used by the module: CSP CSP TYPE GENERATION STORAGE AND ZEROIZATION USE Key Encryption Key (KEK) Triple-DES 168-bits key Hard-coded Stored in flash, zeroized by the ‘ap wipe out flash’ command. Encrypts IKEv1/IK...
Page 34 - Self Tests
34 7 Self Tests The module performs the following Self Tests after being configured into either Remote AP mode or Remote Mesh Portal mode. The module performs both power-up and conditional self-tests. In the event any self-test fails, the module enters an error state, logs the error, and reboots aut...