Hewlett Packard Enterprise Aruba 7 Series, Manual, Page: 11 / 44

Share

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
18 pages after

Page: 11 / 44

Hewlett Packard Enterprise Aruba 7 Series Manual Download Page 11

4

Finite State Model

2

5

Physical Security

2

6

Operational Environment

N/A

7

Cryptographic Key Management

2

8

EMI/EMC

2

9

Self-tests

2

10

Design Assurance

2

11

Mitigation of Other Attacks

N/A

Overall

Overall module validation level

2

Physical Security

The Aruba Controller is a scalable, multi-processor standalone network device and is enclosed in a robust
steel housing. The controller enclosure is resistant to probing and is opaque within the visible spectrum.
The enclosure of the module has been designed to satisfy FIPS 140-2 Level 2 physical security
requirements.

The Aruba 7XXX Controller requires Tamper-Evident Labels (TELs) to allow the detection of the opening
of the chassis cover and to block the Serial console port.

To protect the Aruba 7XXX Controller from any tampering with the product, TELs should be applied by
the Crypto Officer as covered under

“Tamper-Evident Labels” on page 33

.

Operational Environment

The operational environment is non-modifiable. The control plane Operating System (OS) is Linux, a real-
time, multi-threaded operating system that supports memory protection between processes. Access to the
underlying Linux implementation is not provided directly. Only Aruba Networks provided interfaces are
used, and the CLI is a restricted command set. The module only allows the loading of trusted and verified
firmware that is signed by Aruba.

Aruba 7XXX Series Controllers FIPS 140-2 Level 2 Security Policy

|11

«
...
9
10
11
12
13
...
»

Summary of Contents for Aruba 7 Series

Page 1: ...Aruba 7XXX Series Controllers with ArubaOS FIPS Firmware Non Proprietary Security Policy FIPS 140 2 Level 2 Version 1 17 June 2016 Aruba 7200 Series Controllers FIPS 140 2 Level 2 Security Policy...

Page 2: ...forms and software by all individuals or corporations to terminate other vendors VPN client devices constitutes complete acceptance of liability by that individual or corporation for this action and i...

Page 3: ...ation Mechanisms 18 Unauthenticated Services 19 Non Approved Services 19 Cryptographic Key Management 19 Implemented Algorithms 19 Critical Security Parameters 22 Alternating Bypass State 30 Installin...

Page 4: ...ting Up Your Controller 43 Enabling FIPS Mode 43 Enabling FIPS Mode with the WebUI 43 Enabling FIPS Mode with the CLI 43 Disabling the LCD 44 Disallowed FIPS Mode Configurations 44 4 Aruba 7XXX Series...

Page 5: ...les details the U S Government requirements for cryptographic modules More information about the FIPS 140 2 standard and validation program is available on the National Institute of Standards and Tech...

Page 6: ...ctions IPv4 and IPv6 services the Aruba Policy Enforcement Firewall with AppRF Technology Aruba Adaptive Radio Management and Aruba RFprotect spectrum analysis and wireless intrusion protection The Ar...

Page 7: ...graphic boundary of the module The cryptographic boundary is defined as encompassing the top front left right rear and bottom surfaces of the chassis Figure 1 The Aruba 7005 controller Figure 1 shows...

Page 8: ...actor Pluggable SFP Uplink ports Two Type A USB ports LINK ACT and Status LEDs Management Status LED LCD Panel Navigation Buttons Functionally disabled in FIPS mode Console Connections RJ 45 and Mini...

Page 9: ...ns RJ 45 and Mini USB Disabled in FIPS mode by TELs Figure 4 The Aruba 7030 controller chassis Figure 4 shows the front of the Aruba 7030 Controller and illustrates the following Eight 10 100 1000 Eth...

Page 10: ...tatus LED LCD Panel Navigation Buttons Functionally disabled in FIPS mode Console Connections RJ 45 and Mini USB Disabled in FIPS mode by TELs Intended Level of Security The 7XXX Controller and associ...

Page 11: ...ident Labels TELs to allow the detection of the opening of the chassis cover and to block the Serial console port To protect the Aruba 7XXX Controller from any tampering with the product TELs should b...

Page 12: ...ing functionality of the modules Control input consists of manual control inputs for power and reset through the power and reset switch It also consists of all of the data that is entered into the con...

Page 13: ...PS mode the serial port is disabled Web Interface The Crypto Officer can use the Web Interface as an alternative to the CLI The Web Interface provides a highly intuitive graphical interface for a comp...

Page 14: ...guration data 32 33 read 34 delete Configuring Module Platform Define the platform subsystem firmware of the module by entering Bootrom Monitor Mode File System fault report message logging and other...

Page 15: ...atus of certificates commands and configuration 15 16 17 18 write delete HTTPS over TLS Secure browser connection over Transport Layer Security acting as a Crypto Officer service web management interf...

Page 16: ...ith APs using IPSec and issue self signed certificates to APs Commands and configuration data IKEv1 IKEv2 inputs and data IPSec inputs commands and data Status of commands IKEv1 IKEv2 outputs status a...

Page 17: ...ata 29 30 31 delete EAP TLS termination Provide EAP TLS termination EAP TLS inputs commands and data EAP TLS outputs status and data 29 30 31 read delete 802 11i Shared Key Mode Access the module s 80...

Page 18: ...32 x 52 251 595 800 Therefore the associated probability of a successful random attempt during a one minute period is approximate 1 in 251 596 800 which is less than 1 in 100 000 required by FIPS 140...

Page 19: ...024 bit moduli DES HMAC MD5 and MD5 SSHv1 using RC4 Please note that all CSPs will be zeroized automatically when switching from FIPS mode to non FIPS mode or from non FIPS mode to FIPS mode Cryptogra...

Page 20: ...g FIPS Approved Algorithms o AES Cert 2884 o SP800 135rev1 KDF CVL Cert 314 1 o ECDSA Cert 519 o HMAC Cert 1818 o RSA Cert 1518 o SHS Cert 2425 o Triple DES Cert 1720 ArubaOS UBOOT Bootloader library...

Page 21: ...ss than 112 bits of encryption strength HMAC MD5 MD5 RC4 NOTE IKEv1 IKEv2 TLS SSH and SNMP protocols have not been reviewed or tested by the CAVP and CMVP Aruba 7XXX Series Controllers FIPS 140 2 Leve...

Page 22: ...ed Stored in SDRAM memory plaintext Zeroized by rebooting the module 3 DRBG seed SP 800 90a CTR_DRBG 384 bits Input to the DRBG that determines the internal state of the DRBG Generated using DRBG deri...

Page 23: ...red in SDRAM memory plaintext Zeroized by rebooting the module 9 EC Diffie Hellman private key EC Diffie Hellman Curves P 256 or P 384 Generated internally by calling FIPS approved DRBG cert 528 durin...

Page 24: ...ate key This key is generated by calling FIPS approved DRBG cert 528 in the module Used for IKEv1 IKEv2 TLS OCSP signing OCSP messages and EAP TLS peers authentication Stored in Flash memory plaintext...

Page 25: ...to IKE peers It was established via key derivation function defined in SP800 135 KDF IKEv1 Used for deriving other keys in IKE protocol implementation Stored in SDRAM memory plaintext Zeroized by rebo...

Page 26: ...tion keys Triple DES 192 bits AES and AES GCM 128 192 256 bits The IPsec IKE phase II encryption key This key is derived via a key derivation function defined in SP800 135 KDF IKEv1 IKEv2 Used for IPS...

Page 27: ...aintext Zeroized by rebooting the module 31 TLS session authentication key HMAC SHA 1 256 384 160 256 384 bits This key is derived via a key derivation function defined in SP800 135 KDF TLS Used for T...

Page 28: ...s Stored in SDRAM plaintext Zeroized by rebooting the module 37 802 11i Pairwise Transient Key PTK Shared secret 512 bits This key is used to derive 802 11i session key by using the KDF defined in SP8...

Page 29: ...HMAC SHA512 KAT o RSA sign KAT o RSA verify KAT o ECDSA Pairwise Consistency Test ArubaOS Uboot BootLoader library Firmware o Firmware Integrity Test RSA PKCS 1 v1 5 2048 bits signature verification...

Page 30: ...dated AES256 HMAC SHA1 hash failed AES256 Encrypt failed AES256 Decrypt Failed 3DES HMAC SHA1 hash failed 3DES Encrypt failed 3DES Decrypt Failed DES HMAC SHA1 hash failed DES Encrypt failed DES Decry...

Page 31: ...onent even when the power supplies have been turned off unplugged or removed Main power is fully disconnected from the controller only by unplugging all power cords from their power outlets For safety...

Page 32: ...nts The product carton should include the following 7XXX Controller Rack mounting kit optional Aruba User Documentation CD Tamper Evident Labels 32 Aruba 7XXX Series Controllers FIPS 140 2 Level 2 Sec...

Page 33: ...he tamper evident labels shall be installed for the module to operate in a FIPS Approved mode of operation Aruba Provides double the required amount of TELs If a customer requires replacement TELs ple...

Page 34: ...o labels spanning the RJ 45 and mini USB serial ports as shown in figure 8 Press down on this label to ensure that it adheres to a sufficient area of the front bezel The RJ 45 port is raised relative...

Page 35: ...3 4 5 and 6 To Detect Access to Restricted Ports One label label 2 spanning the RJ 45 and mini USB serial ports as shown in Figure 10 Press down on this label to ensure that it adheres to a sufficien...

Page 36: ...ure 10 Required TELs for the Aruba 7010 Mobility Controller Front Figure 11 Required TELs for the Aruba 7010 Mobility Controller Bottom 36 Aruba 7XXX Series Controllers FIPS 140 2 Level 2 Security Pol...

Page 37: ...l port and one spanning the mini USB port label 2 as shown in Figure 14 and 15 labels 2 3 Press down on this label to ensure that it adheres to a sufficient area of the front bezel The RJ 45 port is r...

Page 38: ...the bottom and the chassis lid as shown in Figures 16 and 18 Labels 3 4 5 and 6 To Detect Access to Restricted Ports One label label 2 spanning the RJ 45 and mini USB serial ports as shown in figure 1...

Page 39: ...gure 16 Required TELs for the Aruba 7030 Mobility Controller Top Figure 17 Required TELs for the Aruba 7030 Mobility Controller Front Aruba 7XXX Series Controllers FIPS 140 2 Level 2 Security Policy 3...

Page 40: ...e bottom and the chassis lid as shown in Figures 19 and 21 Labels 3 4 5 and 6 To Detect Access to Restricted Ports One label label 2 spanning the RJ 45 and mini USB serial ports as shown in Figure 20...

Page 41: ...7205 Mobility Controller Top Figure 20 Required TELs for the Aruba 7205 Mobility Controller Front Figure 21 Required TELs for the Aruba 7205 Mobility Controller Bottom Aruba 7XXX Series Controllers F...

Page 42: ...use the controller see Enabling FIPS Mode on page 37 The admin role must be root Passwords must be at least eight characters long VPN services can only be provided by IPsec or L2TP over IPsec Access...

Page 43: ...t Guide Enabling FIPS Mode For FIPS compliance users cannot be allowed to access the controller until the CO changes the mode of operation to FIPS mode There are two ways to enable FIPS mode Use the W...

Page 44: ...led To disable the LCD screen enter the Enable mode and use the following CLI commands host configure terminal host config lcd menu host lcd menu disable menu Disallowed FIPS Mode Configurations When...

Reviews:

No comments