Русский dropdown-ico

Инструкция обслуживания Dell PowerConnect W-AP92

45 страниц Не касается
Скачать

Перейти на страницу of 45

Summary
  • Dell PowerConnect W-AP92 - page 1

    1 FIPS 140-2 Non-Proprietary Security Policy for A ruba A P- 92, AP-93, AP- 105 , AP -1 75 Dell W- A P9 2, W- A P9 3, W- A P105 and W- AP 175 Wireless A cc ess Points Version 1.2 Feb. 20 12 Aruba Networks™ 1322 Crossman Ave. Sunnyvale, C A 94089-1113 ...

  • Dell PowerConnect W-AP92 - page 2

    2 ...

  • Dell PowerConnect W-AP92 - page 3

    3 1 INTRODUCTION .................................................................................................................................. 5 1.1 A RUBA D ELL R ELATIONSHI P ............................................................................................................. 5 1.2 A CRONYMS AND A BBREVIATIO NS ...................... ...

  • Dell PowerConnect W-AP92 - page 4

    4 3.2.5 AP -175 TEL Placemen t ............................................................................................................ 23 3.2.5.1 To detec t access to restricted ports: ................................................................................... 23 3.2.5.2 To detec t opening of the chassis cover: ........................ ...

  • Dell PowerConnect W-AP92 - page 5

    5 1 Introduction This document constitutes t he non-pro prietary Cryptographic Module Security Polic y for the AP -92, AP- 93, AP-105 and AP-175 Wir eless Access Points with FIPS 1 40 -2 Level 2 validation fro m Aruba Networks. This security polic y describes ho w the AP meets the security require ments of FIPS 140 -2 Level 2, and how to place and ...

  • Dell PowerConnect W-AP92 - page 6

    6 GE Gigabit Ethernet GHz Gigahertz HMAC Hashed Mes sage Authenticati on Code Hz Hertz IKE Internet Key Exchange IPSec Internet Protoco l security KAT Known Ans wer Test KEK Key Encryption Key L2TP Layer-2 Tunneling Pro tocol LAN Local Area Network LED Light Emitting Diode SHA Secure Hash Algorithm SNMP Simple Network Management P rotocol SPOE Seri ...

  • Dell PowerConnect W-AP92 - page 7

    7 2 Product O verview This section i ntroduces the va rious Aruba W ireless Access Points, pro viding a brief overv iew and summar y of the physical features of eac h model covered b y this FIPS 140 -2 security policy. 2.1 AP - 92 This section introduces t he Aruba AP-92 Wireless Access P oint (AP) with FIPS 140 -2 Level 2 validation. It describes ...

  • Dell PowerConnect W-AP92 - page 8

    8 The exact firmware versio ns tested were:  ArubaOS_6 xx_6.1.2.3 -FIPS  Dell_P CW_6xx_6.1.2.3 -FIPS 2.1.1.1 Dimensions/Weight The AP has the follo wing physical dimensions:  120 mm x 130 mm x 35 mm (4.7" x 5.1" x 1.4")  255 g (9 oz) 2.1.1.2 Interfaces The module provides the follo wing network inter faces:  1 x 10 /10 ...

  • Dell PowerConnect W-AP92 - page 9

    9 Label Function Action Status On – Green 2.4GHz radio enabled in 802.11 n mode Flashing - Green 2.4GHz Air monitor o r RF protect sensor 11a/n 5GHz Radio Status Off 5GHz radio disabled On - Amber 5GHz radio en abled in WLAN mode On – Green 5GHz radio enabled in 802.11n mode Flashing - Green 5GHz A ir m onitor or RF p rotect sensor 2.2 AP - 93 ...

  • Dell PowerConnect W-AP92 - page 10

    10 The plastic case p hysically encloses the co mplete set of hard ware and software co mponents and repr esents the cryptographic boundar y of the module. The Access Point config uration tested during the cr yptographic module testi ng included: Aruba Part Number Dell Corresponding Part N umber AP - 93 - F1 W-AP93- F1 The exact firmware versio ns ...

  • Dell PowerConnect W-AP92 - page 11

    11 Label Function Act ion Status Flashing Ethernet link activity 11b/g/n 2.4GHz Radio Status Off 2.4GHz rad io disabled On – Amber 2.4GHz radio enabled in WLAN mode On – Green 2.4GHz radio enabled in 802 .11n mode Flashing - Green 2.4GHz Air monitor o r RF protect sensor 11a/n 5GHz Radio Status Off 5GHz radio disabled On - Amber 5GHz radio enab ...

  • Dell PowerConnect W-AP92 - page 12

    12 2.3.1 Physical Description The Aruba AP-1 05 Acces s Point is a multi -chip standalone cryptographic module co nsisting of hard ware and software, all contained i n a hard plas tic case. T he module contains two dual-band 2.4-GHz/5- GHz 802.11 a/b/g/n transcei vers, an d 4 x integrated, o mni-directional anten na elements (supp orting up to 2x2 ...

  • Dell PowerConnect W-AP92 - page 13

    13 ENET Ethernet Net work Link Status / Activity Off Ethernet link unavailable On – Amber 10/100Mbs Ethernet link negotiated On – Green 1000Mbs Ethernet link ne goti ated Flashing Ethernet link activity 11b/g/n 2.4GHz Radio Status Off 2.4GHz rad io disabled On – Amber 2.4GHz rad io enabled in WLAN mode On – Green 2.4GHz rad io enabled in 80 ...

  • Dell PowerConnect W-AP92 - page 14

    14 2.4.1 Physical Description The Aruba AP-17 5 Access Point is a multi-chip standalone cryptograp hic module consisting o f hardware and software, all contained i n a hard case. T he module contains two 802. 11 a/b/g/n transceivers, and 4 x N- type female interfaces (2 x 2.4 GHz, 2 x 5 GHz) for external antenna s upport (suppor ts MIMO) The hard c ...

  • Dell PowerConnect W-AP92 - page 15

    15 2.4.1.3 Indicator LEDs There is an array of LEDs which op erate as follo ws: Table 5- AP - 175 Indicato r LEDs Label LED Position Function Action Status PWR D11 AP power / s ystem status Off No power to AP Red System Alarm Flashing - Green Power did not connect well or equipment failure On - Green Device ready ENET0 D15 Ethernet Network Link Sta ...

  • Dell PowerConnect W-AP92 - page 16

    16 3 Module Objecti ves This section describes the a ssurance le vels for each of the areas d escribed in the FIPS 140 -2 Standar d. In addition, it pro vides information on placing the module in a FIPS 1 40 -2 appro ved configuration. 3.1 Security Levels Section Section Title Level 1 Cryptographic Module Sp ecification 2 2 Cryptographic Module P o ...

  • Dell PowerConnect W-AP92 - page 17

    17 3.2.2 AP - 92 TEL Placeme nt This section displays all the TEL locations of the Aruba AP -92. The AP- 92 req uires a minimum of 3 TELs to be applied as follo ws: 3.2.2.1 To detect access to re stricted ports: 1. Spanning the serial port 3.2.2.2 To detect openin g of the chassis cover: 2. Spanning the bottom and top chassis co vers on the right s ...

  • Dell PowerConnect W-AP92 - page 18

    18 Figure7 - Aruba AP-92 Tel placement right view Figure 8 - Aruba AP-92 Tel place ment top view ...

  • Dell PowerConnect W-AP92 - page 19

    19 Figure 9 - Aruba AP-92 Tel place ment botto m view 3.2.3 AP - 93 TEL Placeme nt This section displays all the TEL locations of the Aruba AP - 93 . T he AP-93 req uires a minimum of 3 T ELs to be applied as follo ws: 3.2.3.1 To detect access to re stricted ports: 1. Spanning the serial port 3.2.3.2 To detect openin g of the chassi s cover: 2. Spa ...

  • Dell PowerConnect W-AP92 - page 20

    20 Figure 11 - Aruba AP- 93 Tel placement left view Figure 12 - Aruba AP- 93 Tel placement right view Figure 13 - Aruba AP- 93 Tel placement botto m view ...

  • Dell PowerConnect W-AP92 - page 21

    21 Figure 14 - Aruba AP- 93 Tel placement top view 3.2.4 AP -105 TE L Placement This section displays all the T EL locations of the Aruba AP -105. T he AP -105 req uires a minimum of 3 TELs to be applied as follows: 3.2.4.1 To detect op ening of the chassis cover : 1. Spanning the bottom and top chassis co vers on the left side 2. Spanning the bott ...

  • Dell PowerConnect W-AP92 - page 22

    22 Figure 16 - Aruba AP- 105 Tel placement left view Figure 17 - Aruba AP- 105 Tel placement right v iew Power Input Inlet Figure 18 - Aruba AP- 105 Tel placement top view ...

  • Dell PowerConnect W-AP92 - page 23

    23 Figure 19 - Aruba AP- 105 Tel placement bottom view 3.2.5 AP -175 TE L Placement This section displays all the T EL locations o f the Aruba AP -175. T he AP -175 req uires a minimum o f 6 TELs to be applied as follows: 3.2.5.1 To detect access to restricted ports : 1. Spanning the USB console po rt 2. Spanning the power connector plug (AP -175P ...

  • Dell PowerConnect W-AP92 - page 24

    24 Figure 20 - Aruba AP- 175 Tel placement back view Figure 21 - Aruba AP -175 Tel placement left view Figure 22 - Aruba AP- 175 Tel placement right view ...

  • Dell PowerConnect W-AP92 - page 25

    25 Figure 23 - Aruba AP- 175 Tel placement top view Figure 24 - Aruba AP- 175 Tel placement bottom view 3.2.6 Inspection/Testing of Physical Security Mechanisms Physical Security M echanism Recommended Te st Frequency Guidance Tamper-evident labels (T ELs) Once per month Examine for an y sign of r emoval, replacement, tearing, etc. See images above ...

  • Dell PowerConnect W-AP92 - page 26

    26 3.3 Modes of Operat ion The module has the following FIP S approved modes of operations: • Remote AP ( RAP) FIPS mode – When the module is configured as a Remote AP, it is i ntended to be deployed in a remote location (relative to the Mobility C o ntroller). The m odule provides cryptographic processing i n the form of I PSec for all traf fi ...

  • Dell PowerConnect W-AP92 - page 27

    27 6. If the s taging co ntroller do es not pro vide Po E, either ensure the presence of a PoE injector for the LAN connection bet ween t he module and the controller, o r ensure the prese nce o f a DC po wer supply appropriate to the particular model of the module. 7. Connect the module via a n Ethernet cable to the sta ging controller ; note that ...

  • Dell PowerConnect W-AP92 - page 28

    28 7. Connect the module via a n Ethernet cable to the sta ging controller ; note that this s hould be a direct connection, with no intervening net work or devices; if PoE is being supplied b y an inj ector, this represents the o nly exception. T hat is, nothing o ther than a P oE injecto r should be prese nt bet ween the module and the sta ging co ...

  • Dell PowerConnect W-AP92 - page 29

    29 the AP a s Re mote Mesh P ortal b y filling in the form appr opriately. Detailed steps are l isted in Section “ Pro visioning an I ndividual AP ” o f Chapter “ The Basic User-Centric Net works ” of t he Aruba OS User Guide. Click “Apply and Reboo t” to complete the pro visioning process. a. During the provisio ning pro cess as Remote ...

  • Dell PowerConnect W-AP92 - page 30

    30 represents the o nly exception. That is, not hing other than a P oE injector should be pr esent bet ween the module and the sta ging controller. 8. Once the module is connected to the controller b y the Ethernet cable, navigate to the Configuration > Wireless > AP Installation page, where you should see an entry for the AP. Select that AP, ...

  • Dell PowerConnect W-AP92 - page 31

    31 3.5 Logical Interfaces The phy sical interfaces are divided in to logical interfaces defined b y FIPS 140 -2 as descr ibed in th e following table. Table 6 - FIPS 140 - 2 Logical Interfaces FIPS 140- 2 Logical Interface Module Physical Interfa ce Data Input Interface 10/100/10 00 Ethernet Ports 802.11a/b/g/n Radio T ransceiver Data Output Interf ...

  • Dell PowerConnect W-AP92 - page 32

    32 4 Roles, Authentication and Ser vices 4.1 Roles The module supp orts the roles of Cr ypto Officer, User, and W ireless Client; no ad ditional roles (e.g., Maintenance) are suppo rted. Administrative operatio ns car ried out by the Aruba Mob ilit y Contr oller map to the Crypto Of ficer ro le. The C r ypto Officer ha s t he ability to configure, ...

  • Dell PowerConnect W-AP92 - page 33

    33 4.1.2 User Authentication Authentication for the User ro le depends on the module confi guratio n. When the module i s co nfigured as a Remote Mesh Por tal FIPS mo de and Re mote Mesh Point FI PS mode, the U ser role is a uthenticated via t he WPA2 p re-shared key. When the module is co nfigured as a Remote AP FIPS mode a nd CP Sec protected AP ...

  • Dell PowerConnect W-AP92 - page 34

    34 Authentication Mechanis m Mechanis m Strength Wireless Client WPA2-PSK (Wireless Client role) For WPA2 -PSK there are at least 95 ^16 (=4.4 x 10 ^31) possible combinations. In order to test a guessed key, the attac ker must co mplete the 4-way handshake with the AP. P rior to completing the 4 -wa y handshake, the attacker must co mplete the 802. ...

  • Dell PowerConnect W-AP92 - page 35

    35 4.2 Services The module provides vario us services dependi ng on role. These are d escribed belo w. 4.2.1 Crypto Officer Services The CO role in each of FIP S modes d efined in section 3.3 has the same ser vices Service Description CSPs Accessed (see section 6 below for co mplete description o f CSPs) FIPS mode enable/di sable The CO selects/de ...

  • Dell PowerConnect W-AP92 - page 36

    36 Service Description CSPs Accessed (see section 6 below for co mplete description o f CSPs) Creation/use of secure management session bet ween module and CO The module supports use of IPSec for securing the management channel.  IKEv1/IKEv2 P reshared Secret  DH Pr ivate Key  DH Public Key  IPSec session encryption keys  IPSec sessi ...

  • Dell PowerConnect W-AP92 - page 37

    37 Service Description CSPs Accessed (see section 6 below for co mplete description o f CSPs)  802 .11i AES-CCM key  802 .11i GMK  802 .11i GTK Use of WPA pre -shared key fo r establishment of IEEE 802.11i keys When the module is i n mesh configuration, the inter -module mesh links are secured with 802.11i. This is authe nticated with a sh ...

  • Dell PowerConnect W-AP92 - page 38

    38  System stat us – SYSLOG and module LEDs  802 .11 a/b/g/n  FTP  T FTP  NTP  GRE tunneli ng of 802.11 wireless user frames (when actin g as a “Local AP”)  Reboot module by removing/rep lacing power  Self-test and i nitialization at po wer- on ...

  • Dell PowerConnect W-AP92 - page 39

    39 5 Cryptographic Algori thms FIPS-approved cryptographic algorithms have b een i mplemented in hard ware and firmwar e. The firmware suppo rts the following cryptographic i mplementations.  ArubaOS Open SSL AP Mod ule implements the following F IPS -app roved algorithms: o AES (Cert. #1851) o HMAC (Cert. #1099) o RNG (Cert. #970) o RSA (Cert. ...

  • Dell PowerConnect W-AP92 - page 40

    40 6 Critical Security Para meters The following Critical Sec urity Parameters (CSP s) are used b y the module: CSP CSP TYPE GENERATION STORAGE And ZEROIZATI ON USE Key E ncryption Key (KEK) Triple-DES 168 -bits key Hard-coded Stored in flash, zeroized b y the ‘ap wipe out flash’ command. Encrypts IKEv1/IKEv2 preshared keys and configuration pa ...

  • Dell PowerConnect W-AP92 - page 41

    41 CSP CSP TYPE GENERATION STORAGE And ZEROIZATI ON USE IKEv1/IKEv2 Diffie - Hellman Private key 1024 -bit Diffie- Hellman private key Generated internall y during IKEv1/IKEv2 negotiation Stored in plaintext in volatile memory; zeroized when session is closed or system is powered off Used in establishing the session key for IPSec IKEv1/IKEv2 Diffie ...

  • Dell PowerConnect W-AP92 - page 42

    42 CSP CSP TYPE GENERATION STORAGE And ZEROIZATI ON USE WPA2 PSK 16 - 64 character shared secret used to authenticate mesh connections and in remote AP advanced configuration CO configured Encrypted in flash using the KEK; zeroized by updating through administrative interface, or by the ‘ap wipe out flash’ command. Used to der ive the PMK for 8 ...

  • Dell PowerConnect W-AP92 - page 43

    43 CSP CSP TYPE GENERATION STORAGE And ZEROIZATI ON USE 802.11i Gro up Master Key (GMK) 256 -bit se cret used to derive GTK Generated from appro ved RNG Stored in plaintext in volatile memory; zeroized o n reboot Used to derive Group Transient Key (GTK) 802.11i Gro up Transient Key (GTK) 256 -bit shared secret used to derive group (multicast) encry ...

  • Dell PowerConnect W-AP92 - page 44

    44 7 Self T est s The module perfor ms the follo wing Self Tests after being config ured into e ither Remote AP mode or Remote Mesh P ortal mode . The module per forms both p ower -up and conditiona l self-test s. In the e vent any self-test fails, the module enters an error state, logs the er ror, and reb oots automatically. The module performs th ...

  • Dell PowerConnect W-AP92 - page 45

    45 Self-test results are written to the serial console. In the event of a K ATs failure, the AP logs different messages, d epending on the error. For an ArubaOS Open SSL AP module and ArubaOS cryptograp hic module KAT failure: AP rebooted [DATE][TIME] : Restarting System, SW FIPS KAT failed For an AES Atheros hard ware POST failure: Starting HW SHA ...

Производитель Dell Категория Access Point

Документы, которые мы получаем от производителя устройства Dell PowerConnect W-AP92 мы можем разделить на несколько групп. Это в частности:
- технические чертежи Dell
- инструкции обслуживания PowerConnect W-AP92
- паспорта изделия Dell
- информационные брошюры
- энергетические этикетки Dell PowerConnect W-AP92
Все из них важны, однако самую важную информацию с точки зрения пользователя мы найдем в инструкции обслуживания Dell PowerConnect W-AP92.

Группа документов, определяемая как инструкции обслуживания, делится также на более подробные типы, такие как: Инструкции монтажа Dell PowerConnect W-AP92, инструкции обслуживания, короткие инструкции или инструкции пользователя Dell PowerConnect W-AP92. В зависимости от потребностей, Вам необходимо поискать требуемый документ. На нашем сайте Вы можете просмотреть самую популярную инструкцию использования изделия Dell PowerConnect W-AP92.

Похожие инструкции обслуживания

Полная инструкция обслуживания устройства Dell PowerConnect W-AP92, как должна выглядеть?
Инструкция обслуживания, определяемая также как пособие пользователя, или просто "руководство" - это технический документ, цель которого заключается в использовании Dell PowerConnect W-AP92 пользователями. Инструкции пишет, как правило технический писатель, языком, доступным для всех пользователей Dell PowerConnect W-AP92.

Полная инструкция обслуживания Dell, должна заключать несколько основных элементов. Часть из них менее важная, как например: обложка / титульный лист или авторские страницы. Однако остальная часть, должна дать нам важную с точки зрения пользователя информацию.

1. Вступление и рекомендации, как пользоваться инструкцией Dell PowerConnect W-AP92 - В начале каждой инструкции, необходимо найти указания, как пользоваться данным пособием. Здесь должна находится информация, касающаяся местонахождения содержания Dell PowerConnect W-AP92, FAQ и самых распространенных проблем - то есть мест, которые чаще всего ищут пользователи в каждой инструкции обслуживания
2. Содержание - индекс всех советов, касающихся Dell PowerConnect W-AP92, которое найдем в данном документе
3. Советы по использованию основных функций устройства Dell PowerConnect W-AP92 - которые должны облегчить нам первые шаги во время использования Dell PowerConnect W-AP92
4. Troubleshooting - систематизированный ряд действия, который поможет нам диагностировать а в дальнейшем очередность решения важнейших проблем Dell PowerConnect W-AP92
5. FAQ - чаще всего задаваемые вопросы
6. Контактные данные Информация о том, где искать контактные данные производителя / сервисного центра Dell PowerConnect W-AP92 в данной стране, если самостоятельно не получится решить проблему.

У вас вопрос, касающийся Dell PowerConnect W-AP92?

Воспользуйтесь формуляром, находящимся ниже

Если с помощью найденной инструкции Вы не решили свою проблему с Dell PowerConnect W-AP92, задайте вопрос, заполнив следующий формуляр. Если у какого то из пользователей была похожая проблема с Dell PowerConnect W-AP92 со всей вероятностью он захочет поделиться методом ее решения.

Перепишите текст с картинки

Captcha
Новая картинка

Комментарии (0)