NIAP: Compliant Product
Compliant Product - Aruba Mobility Controllers and Access Points 6.3.1.5

Certificate Date:  2014.10.22

Validation Report Number:  CCEVS-VR-VID10569-2014

Product Type:    Wireless LAN

Conformance Claim:  Protection Profile Compliant

PP Identifier:    Protection Profile for Wireless Local Area Network (WLAN) Access Systems Version 1.0

CC Testing Lab:  Leidos Common Criteria Testing Laboratory


Product Description

The Target of Evaluation (TOE) is the Aruba Mobility Controller and Access Point Series, running ArubaOS version 6.3.1.5-FIPS.

The Aruba devices within the scope of the evaluation comprise the following Mobility Controllers and Access Points, all running ArubaOS version 6.3.1.5-FIPS:

  • Aruba Mobility Controllers: Aruba 620, 650, 3200, 3400, 3600, 6000, 7210, 7220, and 7240
  • Aruba Access Points: Aruba AP-92, AP-93, AP-104, AP-105, AP-114, AP-115, AP-134, AP-135, AP-175, AP-224, AP-225, RAP-3WN, RAP-5WN, RAP-108, RAP-109, and RAP-155.

Assurance Maintenance was conducted, under which the following ArubaOS version, Mobility Controllers, and Access Points were certified:

  • ArubaOS version 6.4.3.0-FIPS
  • Aruba Mobility Controllers: Aruba 620, 650, 3200, 3400, 3600, 6000, 7210, 7220, 7240, 7005, 7010, 7024, 7030, and 7205
  • Aruba Access Points: Aruba AP-204, AP-205, AP-214, AP-215, AP-274, AP-275, AP-277, AP-92, AP-93, AP-104, AP-105, AP-114, AP-115, AP-134, AP-135, AP-175, AP-224, AP-225, RAP-3WN, RAP-5WN, RAP-108, RAP-109, and RAP-155

The Aruba Mobility Controllers are wireless switch appliances that provide services and features including wireless and wired network mobility, centralized management, auditing, authentication, and remote access.  The Aruba Access Point appliances service wireless clients. The ArubaOS is a suite of mobility applications that runs on all Aruba controllers and APs, and allows administrators to configure and manage the wireless and mobile user environment.


Evaluated Configuration


Security Evaluation Summary

The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process and scheme. The criteria against which the Aruba Mobility Controller and Access Point Series was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1, Revision 3. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1, Revision 3. Leidos Inc. (formerly Science Applications International Corporation (SAIC)) determined that the TOE satisfies the requirements specified in Protection Profile for Wireless Local Area Network (WLAN) Access Systems, Version 1.0, 1 December 2011.  The product, when installed and configured as identified in the product guidance documentation, satisfies all of the security functional requirements stated in Aruba Mobility Controller and Access Point Series Security Target, Version 1.0, 9/29/2014.

A validation team on behalf of the CCEVS Validation Body monitored the evaluation carried out by Leidos. The evaluation was completed in October 2014. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report (report number CCEVS-VR-VID10569-2014), prepared by CCEVS.


Environmental Strengths

The evaluation of the Aruba Mobility Controller and Access Point Series TOE provides assurance that the security functions implemented by the TOE satisfy the security functional requirements specified in the Aruba Mobility Controller and Access Point Series Security Target and that the guidance documentation describes how to use the TOE in a secure fashion. Assurance was achieved by the performance of the assurance activities specified in Protection Profile for Wireless Local Area Network (WLAN) Access Systems, Version 1.0, 1 December 2011.

The Aruba Mobility Controller and Access Point Series running ArubaOS version 6.3.1.5-FIPS implement the following security functions:

  • Security Audit: The TOE is capable of auditing security relevant events such as logins, administrator actions, use of trusted channel and path, cryptographic operations, resource limitation exceeded, etc. Each audit event includes the date and time of the event, the type of event, the subject identity (if applicable), and the outcome of the event. The administrator can include and exclude events to be audited based on specific criteria.

The TOE may utilize its internal real-time clock chip and/or an external NTP server to provide a reliable timestamp, and a syslog server to store and protect the audit trail. The administrator is provided an interface in the operating environment to read audit logs, and that interface is restricted.

  • Cryptographic Support: The TOE includes NIST-validated cryptographic mechanisms that provide key management, random bit generation, encryption/decryption, digital signature and secure hashing and key-hashing features in support of higher level cryptographic protocols, including SSH, TLS, HTTPS and IPsec. It additionally includes mechanisms that support 802.11i wireless security.
  • User Data Protection: The TOE ensures that any data packets passing through do not inadvertently contain any residual information that might be disclosed inappropriately.
  • Identification and Authentication: The TOE can maintain administrator and user attributes, including credentials such as username and password for administrators and session key and role for remote authenticated users (username and password are stored in the internal database or authentication server). The TOE requires identification and authentication (either locally or remotely through an external authentication server, internally, or both) of administrators managing the TOE. Wireless clients are identified and authenticated by different authentication mechanisms such as 802.1X. After an administrator-specified number of failed attempts, the user account is locked out. In addition, the password mechanism can be configured to have a minimum length of eight characters.
  • Security Management: The TOE provides the capability to manage auditing, cryptographic operations, password minimum length enforcement, user accounts, advisory banner, and timeout (inactivity threshold) value. The management functions are restricted to an administrator role. The role must have the appropriate access privileges or access will be denied. The wireless user role has no access to the management interfaces.
  • Protection of the TSF: The TOE provides integrity and security protection for all communication between its components. This prevents unauthorized modification or disclosure of TSF data during transmission. The TOE also protects itself against replay attacks using cryptographic protocols.

The TOE provides self-tests to ensure the correct operation of the cryptographic functions and TSF hardware. There is an option for the administrator to verify the integrity of stored TSF executable code.

The TOE includes mechanisms so that the administrator can determine the TOE version and update the TOE securely using digital signatures and published hashes.

  • Resource Utilization: The TOE can enforce maximum usage quotas on the number of concurrent sessions available to a defined group of users (role).
  • TOE Access: The TOE allows administrators to configure a period of inactivity for administrator and wireless user sessions. Once that time period has been reached while the session has no activity, the session is terminated. Administrators as well as wireless users can also terminate their own sessions at any time. A warning banner is displayed at the management interfaces (Web GUI and CLI) to advise users on appropriate use and the penalty for misuse of the system.

The TOE can restrict the ability to connect to administrative interfaces based on time/date, location, and device MAC address and blacklist status.

  • Trusted Path/Channels: The TOE provides an encrypted channel between itself and third-party trusted IT entities in the operating environment. The TOE also provides a protected communication path between itself and wireless users.

Vendor Information

Aruba, a Hewlett Packard Enterprise company
Jon Green
+1 (408)-277-4500
+1 (408)-227-4550
fips@arubanetworks.com

http://www.arubanetworks.com