NIAP: Assurance Continuity
NIAP/CCEVS
  NIAP  »»  Product Compliant List  »»  Product Entry  »»  Assurance Continuity  
Assurance Continuity - Aruba Mobility Controller and Access Point Series

Date of Maintenance Completion:  2015.06.02

Product Type:    Wireless LAN

Conformance Claim:  Protection Profile Compliant

PP Identifier:    Protection Profile for Wireless Local Area Network (WLAN) Access Systems Version 1.0

Original Evaluated TOE:  2014.10.22 - Aruba Mobility Controllers and Access Points 6.3.1.5

CC Certificate [PDF] Validation Report [PDF] Assurance Activity [PDF]

Administrative Guide [PDF]

Please note:  The above files are for the Original Evaluated TOE.  Consequently, they do not refer to this maintained version, although they apply to the maintained version. 

Security Target [PDF] * Assurance Continuity Maintenance Report [PDF]

Please note:  This serves as an addendum to the VR for the Original Evaluated TOE. 

* This is the Security Target (ST) associated with the latest Maintenance Release.  To view previous STs for this TOE, click here.

Readers are reminded that the certification of this product (TOE) is the result of maintenance, rather than an actual re-evaluation of the product.  Maintenance only considers the affect of TOE changes on the assurance baseline (i.e. the original evaluated TOE); maintenance is not intended to provide assurance in regard to the resistance of the TOE to new vulnerabilities or attack methods discovered since the date of the initial certificate.  Such assurance can only be gained through re-evaluation. 

Using a security impact analysis of the changes made to the TOE, which was provided by the developer, the CCEVS has determined that the impact of changes on the TOE are considered minor and that independent evaluator analysis was not necessary.  A summary of the results can be found in the Maintenance Report, which is written in relation to the product's original validation report and Security Target.  Readers are therefore reminded to read the Security Target, Validation Report, and the Assurance Maintenance Report to fully understand the meaning of what a maintained certificate represents. 

Product Description

Aruba Networks has revised the firmware OS in their hardware appliances and has added support for twelve new appliance models.  Changes are summarized below:

  • Aruba Networks has revised the firmware OS in their hardware appliances from ArubaOS version 6.3.1.5-FIPS to ArubaOS version 6.4.3.0-FIPS,
  • The following appliance models was added to the TOE:
    • Aruba Mobility Controllers: Aruba 7005, 7010, 7024, 7030, 7205
    • Aruba Access Points: Aruba AP-204, AP-205, AP-214, AP-215, AP-274, AP-275, AP-277
  • The functionality of the new models remains the same as prior models.  The differences in the models include the number of ports, interfaces, throughput and processing speed, memory and storage.  Although these models have different specifications (in terms of performance and capabilities), they all provide the same security functions described in the ST; therefore, they have been considered to be the same for the purposes of the ST description. There is no difference between the products and the TOE. Since the TOE is a WLAN access system, the physical boundary of each product that comprises the WLAN is the hard steel or plastic encasing.

All appliance models have been FIPS 140-2 validated with ArubaOS version 6.4.3.0-FIPS and the certificate numbers are included in the updated Security Target.

Vendor Information

Logo
Aruba, a Hewlett Packard Enterprise company
Jon Green
+1 (408)-277-4500
+1 (408)-227-4550
fips@arubanetworks.com

http://www.arubanetworks.com
Site Map              Contact Us              Home