Module Name
Aruba AP-214, AP-215, AP-224, AP-225, AP-228, AP-274, AP-275, AP-277, AP-324, and AP-325 Wireless Access Points
Historical Reason
SP 800-56Arev3 transition
Caveat
When operated in FIPS mode. When installed, initialized and configured as specified in Section 13 of the Security Policy. The tamper evident labels installed as indicated in the security policy
Security Level Exceptions
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
Aruba's 802.11ac Wi-Fi access points operate at gigabit speeds, offering extreme performance for mobile devices. In FIPS 140-2 mode, Aruba APs in conjunction with a Mobility Controller support the IEEE 802.11i/WPA2 client standard along with optional Suite B cryptography. Aruba APs also support wireless intrusion detection/prevention services and wireless mesh topologies.
Approved Algorithms
AES |
Certs. #1648, #1649, #2884, #2900, #3998, #4138 and #5412 |
CVL |
Certs. #326, #826, #944, #2154, #C2090 and #C2091 |
DRBG |
Certs. #528 and #1188 |
ECDSA |
Certs. #519, #950, #1210, #1211, #1578 and #1580 |
HMAC |
Certs. #538, #967, #1818, #1835, #2610, #2711, #C2090 and #C2091 |
KBKDF |
Certs. #32 and #92 |
KTS |
AES Cert. #2884; key establishment methodology provides 128 or 256 bits of encryption strength |
KTS |
AES Cert. #2884 and HMAC Cert. #1818; key establishment methodology provides between 128 and 256 bits of encryption strength |
KTS |
AES Cert. #2900 and HMAC Cert. #1835; key establishment methodology provides between 128 and 256 bits of encryption strength |
KTS |
AES Cert. #3998 and HMAC Cert. #2610; key establishment methodology provides between 128 and 256 bits of encryption strength |
KTS |
AES Cert. #4138; key establishment methodology provides 128 or 256 bits of encryption strength |
KTS |
AES Cert. #4138 and HMAC Cert. #2711; key establishment methodology provides between 128 and 256 bits of encryption strength |
RSA |
Certs. #1518, #1528, #2054, #2254, #2395 and #2419 |
SHS |
Certs. #934, #1446, #2425, #2440 #3300, #3408, #3633, #3657, #C2090 and #C2091 |
Allowed Algorithms
Diffie-Hellman (CVL Certs. #326, #826, #944, #2154, #C2090 and #C2091, key agreement; key establishment methodology provides 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides 128 or 192 bits of encryption strength); NDRNG
Hardware Versions
[AP-214-USF1 (HPE SKU JW169A), AP-215-USF1 (HPE SKU JW171A), AP-224-USF1 (HPE SKU JW173A), AP-225-USF1 (HPE SKU JW175A), AP-228-USF1 (HPE SKU JW183A), AP-274-USF1 (HPE SKU JW177A), AP-275-USF1 (HPE SKU JW179A), AP-277-USF1 (HPE SKU JW181A), AP-324-USF1 (HPE SKU JW185A) and AP-325-USF1 (HPE SKU JW187A)] with FIPS Kit 4011570-01 (HPE SKU JY894A)
Firmware Versions
ArubaOS 8.2.2.5-FIPS; ArubaOS 8.5.0.3-FIPS and ArubaOS 8.6.0.7-FIPS