{"product_id":10348,"v_id":10348,"product_name":"Aruba Mobility Controller and Access Point Series, Version 3.4.2.3","certification_status":"Not Certified","certification_date":"2011-06-27T00:06:00Z","tech_type":"Wireless LAN","vendor_id":{"name":"Aruba, a Hewlett Packard Enterprise Company","website":"www.arubanetworks.com"},"vendor_poc":"Jon Green","vendor_phone":"408-315-3887","vendor_email":"jgreen@arubanetworks.com","assigned_lab":{"cctl_name":"Leidos Common Criteria Testing Laboratory"},"product_description":"<p class=\"Body\">The Target of Evaluation (TOE) is a Wireless Local Area Network (WLAN) access system comprising Aruba Mobility Controllers, ArubaOS software, and Access Points. The TOE consists of one or more of the following products running the specified ArubaOS firmware version with the specified mandatory licenses installed:<a href=\"#_ftn1\">[1]</a></p>\r\n<table border=\"1\" cellspacing=\"0\" cellpadding=\"0\">\r\n<thead>\r\n<tr>\r\n<td width=\"139\" valign=\"top\">\r\n<p class=\"Body\"><strong>Product</strong></p>\r\n</td>\r\n<td width=\"168\" valign=\"top\">\r\n<p class=\"Body\"><strong>Part Number(s)</strong></p>\r\n</td>\r\n<td width=\"182\" valign=\"top\">\r\n<p class=\"Body\"><strong>Required Software Licenses</strong></p>\r\n</td>\r\n<td width=\"149\" valign=\"top\">\r\n<p class=\"Body\"><strong>Firmware Version</strong></p>\r\n</td>\r\n</tr>\r\n</thead>\r\n<tbody>\r\n<tr>\r\n<td width=\"139\" valign=\"top\">\r\n<p class=\"Body\">Aruba 6000 Mobility Controller (FIPS)</p>\r\n</td>\r\n<td width=\"168\" valign=\"top\">\r\n<ul>\r\n<li>6000-400-F1</li>\r\n<li>6000-400-USF1</li>\r\n<li>6000-400-ILF1</li>\r\n</ul>\r\n</td>\r\n<td width=\"182\" valign=\"top\">\r\n<ul>\r\n<li>Policy Enforcement Firewall</li>\r\n<li>Wireless Intrusion Prevention</li>\r\n<li>VPN Server</li>\r\n</ul>\r\n</td>\r\n<td width=\"149\" valign=\"top\">\r\n<p class=\"Body\">3.4.2.3-FIPS operated in FIPS mode</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"139\" valign=\"top\">\r\n<p class=\"Body\">Aruba 3200 Mobility Controller (FIPS)</p>\r\n</td>\r\n<td width=\"168\" valign=\"top\">\r\n<ul>\r\n<li>3200-F1</li>\r\n<li>3200-USF1</li>\r\n<li>3200-ILF1</li>\r\n</ul>\r\n</td>\r\n<td width=\"182\" valign=\"top\">\r\n<ul>\r\n<li>Policy Enforcement Firewall</li>\r\n<li>Wireless Intrusion Prevention</li>\r\n<li>VPN Server</li>\r\n</ul>\r\n</td>\r\n<td width=\"149\" valign=\"top\">\r\n<p class=\"Body\">3.4.2.3-FIPS operated in FIPS mode</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"139\" valign=\"top\">\r\n<p class=\"Body\">Aruba 3400 Mobility Controller (FIPS)</p>\r\n</td>\r\n<td width=\"168\" valign=\"top\">\r\n<ul>\r\n<li>3400-F1</li>\r\n<li>3400-USF1</li>\r\n<li>3400-ILF1</li>\r\n</ul>\r\n</td>\r\n<td width=\"182\" valign=\"top\">\r\n<ul>\r\n<li>Policy Enforcement Firewall</li>\r\n<li>Wireless Intrusion Prevention</li>\r\n<li>VPN Server</li>\r\n</ul>\r\n</td>\r\n<td width=\"149\" valign=\"top\">\r\n<p class=\"Body\">3.4.2.3-FIPS operated in FIPS mode</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"139\" valign=\"top\">\r\n<p class=\"Body\">Aruba 3600 Mobility Controller (FIPS)</p>\r\n</td>\r\n<td width=\"168\" valign=\"top\">\r\n<ul>\r\n<li>3600-F1</li>\r\n<li>3600-USF1</li>\r\n<li>3600-ILF1</li>\r\n</ul>\r\n</td>\r\n<td width=\"182\" valign=\"top\">\r\n<ul>\r\n<li>Policy Enforcement Firewall</li>\r\n<li>Wireless Intrusion Prevention</li>\r\n<li>VPN Server</li>\r\n</ul>\r\n</td>\r\n<td width=\"149\" valign=\"top\">\r\n<p class=\"Body\">3.4.2.3-FIPS operated in FIPS mode</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"139\" valign=\"top\">\r\n<p class=\"Body\">Aruba 800 Mobility Controller (FIPS)</p>\r\n</td>\r\n<td width=\"168\" valign=\"top\">\r\n<ul>\r\n<li>800-F1</li>\r\n<li>800-USF1</li>\r\n<li>800-ILF1</li>\r\n</ul>\r\n</td>\r\n<td width=\"182\" valign=\"top\">\r\n<ul>\r\n<li>Policy Enforcement Firewall</li>\r\n<li>Wireless Intrusion Prevention</li>\r\n<li>VPN Server</li>\r\n</ul>\r\n</td>\r\n<td width=\"149\" valign=\"top\">\r\n<p class=\"Body\">3.4.2.3-FIPS operated in FIPS mode</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"139\" valign=\"top\">\r\n<p class=\"Body\">Aruba 200 Mobility Controller (FIPS)</p>\r\n</td>\r\n<td width=\"168\" valign=\"top\">\r\n<ul>\r\n<li>200-F1</li>\r\n<li>200-USF1</li>\r\n<li>200-ILF1</li>\r\n</ul>\r\n</td>\r\n<td width=\"182\" valign=\"top\">\r\n<ul>\r\n<li>Policy Enforcement Firewall</li>\r\n<li>Wireless Intrusion Prevention</li>\r\n<li>VPN Server</li>\r\n</ul>\r\n</td>\r\n<td width=\"149\" valign=\"top\">\r\n<p class=\"Body\">3.4.2.3-FIPS operated in FIPS mode</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"139\" valign=\"top\">\r\n<p class=\"Body\">AP-60 Access Point</p>\r\n</td>\r\n<td width=\"168\" valign=\"top\">\r\n<ul>\r\n<li>AP-60-F1</li>\r\n</ul>\r\n</td>\r\n<td width=\"182\" valign=\"top\">\r\n<p class=\"Body\">N/A</p>\r\n</td>\r\n<td width=\"149\" valign=\"top\">\r\n<p class=\"Body\">3.4.2.3-FIPS operated in FIPS mode</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"139\" valign=\"top\">\r\n<p class=\"Body\">AP-61 Access Point</p>\r\n</td>\r\n<td width=\"168\" valign=\"top\">\r\n<ul>\r\n<li>AP-61-F1</li>\r\n</ul>\r\n</td>\r\n<td width=\"182\" valign=\"top\">\r\n<p class=\"Body\">N/A</p>\r\n</td>\r\n<td width=\"149\" valign=\"top\">\r\n<p class=\"Body\">3.4.2.3-FIPS operated in FIPS mode</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"139\" valign=\"top\">\r\n<p class=\"Body\">AP-65 Access Point</p>\r\n</td>\r\n<td width=\"168\" valign=\"top\">\r\n<ul>\r\n<li>AP-65-F1</li>\r\n</ul>\r\n</td>\r\n<td width=\"182\" valign=\"top\">\r\n<p class=\"Body\">N/A</p>\r\n</td>\r\n<td width=\"149\" valign=\"top\">\r\n<p class=\"Body\">3.4.2.3-FIPS operated in FIPS mode</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"139\" valign=\"top\">\r\n<p class=\"Body\">AP-70 Access Point</p>\r\n</td>\r\n<td width=\"168\" valign=\"top\">\r\n<ul>\r\n<li>AP-70-F1</li>\r\n</ul>\r\n</td>\r\n<td width=\"182\" valign=\"top\">\r\n<p class=\"Body\">N/A</p>\r\n</td>\r\n<td width=\"149\" valign=\"top\">\r\n<p class=\"Body\">3.4.2.3-FIPS operated in FIPS mode</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"139\" valign=\"top\">\r\n<p class=\"Body\">AP-85 Access Point</p>\r\n</td>\r\n<td width=\"168\" valign=\"top\">\r\n<ul>\r\n<li>AP-85TX-F1</li>\r\n<li>AP-85FX-F1</li>\r\n<li>AP-85FX-EU-F1</li>\r\n<li>AP-85LX-F1</li>\r\n<li>AP-85LX-EU-F1</li>\r\n</ul>\r\n</td>\r\n<td width=\"182\" valign=\"top\">\r\n<p class=\"Body\">N/A</p>\r\n</td>\r\n<td width=\"149\" valign=\"top\">\r\n<p class=\"Body\">3.4.2.3-FIPS operated in FIPS mode</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"139\" valign=\"top\">\r\n<p class=\"Body\">AP-124 Access Point</p>\r\n</td>\r\n<td width=\"168\" valign=\"top\">\r\n<ul>\r\n<li>AP-124-F1</li>\r\n</ul>\r\n</td>\r\n<td width=\"182\" valign=\"top\">\r\n<p class=\"Body\">N/A</p>\r\n</td>\r\n<td width=\"149\" valign=\"top\">\r\n<p class=\"Body\">3.4.2.3-FIPS operated in FIPS mode</p>\r\n</td>\r\n</tr>\r\n<tr>\r\n<td width=\"139\" valign=\"top\">\r\n<p class=\"Body\">AP-125 Access Point</p>\r\n</td>\r\n<td width=\"168\" valign=\"top\">\r\n<ul>\r\n<li>AP-125-F1</li>\r\n</ul>\r\n</td>\r\n<td width=\"182\" valign=\"top\">\r\n<p class=\"Body\">N/A</p>\r\n</td>\r\n<td width=\"149\" valign=\"top\">\r\n<p class=\"Body\">3.4.2.3-FIPS operated in FIPS mode</p>\r\n</td>\r\n</tr>\r\n</tbody>\r\n</table>\r\n<p class=\"Body\">The Aruba Mobility Controllers are wireless switch appliances that provide a wide range of wireless and wired network mobility, security, centralized management, auditing, authentication, and remote access. The Aruba Access Point appliances serve wireless clients (part of the operational environment) and can monitor the radio frequency spectrum to detect intrusions, denial of service attacks, and other vulnerabilities.
The ArubaOS is a suite of mobility applications that runs on all Aruba controllers and APs and allows administrators to configure and manage the wireless and mobile user environment.</p>\r\n<p>&nbsp;</p>\r\n<hr size=\"1\" />\r\n<p><a href=\"#_ftnref1\">[1]</a> The xSec license module is also part of the evaluated configuration, but is not mandatory.</p>","evaluation_configuration":"<p class=\"Body\">The TOE is shipped with guidance documentation for installing and configuring it in its evaluated configuration. These documents are:</p>\r\n<ul>\r\n<li><em>Aruba OS User Guide</em> &ndash; For guidance on software configuration of the TOE</li>\r\n<li><em>Hardware Installation Guides</em> &ndash; For guidance on physical installation of the TOE</li>\r\n<li><em>FIPS Insert Card</em> &ndash; FIPS-specific information</li>\r\n<li><em>CC Addendum Document</em> &ndash; For guidance on the evaluated configuration</li>\r\n</ul>\r\n<p class=\"Body\">The CC Addendum Document contains information specific to configuring the TOE in its evaluated configuration. This includes configuration items such as:</p>\r\n<ul>\r\n<li>The TOE must be running in FIPS mode and uses only FIPS 140-2 approved cryptographic algorithms</li>\r\n<li>Telnet access to the TOE is automatically disabled and cannot be enabled or configured</li>\r\n<li>The passwords for management users are case-sensitive</li>\r\n<li>The TOE permits only WPA2 algorithms using AES for wireless security. Open, TKIP and WPA-based algorithms are not permitted</li>\r\n<li>The evaluated configuration requires the TOE to be configured to use SNMPv3 only. SNMPv1 and SNMPv2 are not in the evaluated configuration and should not be configured.</li>\r\n</ul>","security_evaluation_summary":"<p class=\"Body\">The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) process.
The criteria against which the Aruba Mobility Controller and Access Point Series TOE was judged are described in the Common Criteria for Information Technology Security Evaluation, Version 3.1, Revision 2. The evaluation methodology used by the Evaluation Team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 3.1, Revision 2. Science Applications International Corporation (SAIC) determined that the evaluation assurance level (EAL) for the product is the EAL4 assurance requirements package, augmented with ALC_FLR.2 (Flaw reporting procedures). The product satisfies all of the security functional requirements stated in the Aruba Mobility Controller and Access Point Series Security Target, when configured as specified in the evaluated guidance documentation.</p>\r\n<p>A validation team on behalf of the CCEVS Validation Body monitored the evaluation carried out by SAIC. The evaluation was completed in May 2011. Results of the evaluation can be found in the Common Criteria Evaluation and Validation Scheme Validation Report (report number CCEVS-VR-VID10348-2011), prepared by CCEVS.</p>","environmental_strengths":"<p class=\"Body\">Aruba Mobility Controller and Access Point Series provides a moderate level of independently assured security in a conventional TOE and is suitable for a relatively benign environment with good physical access security and competent administrators.</p>\r\n<p class=\"Body\">Aruba Mobility Controller and Access Point Series supports the following security functions:</p>\r\n<p class=\"Body\"><strong>Security Audit</strong></p>\r\n<p class=\"Body\">The TOE is capable of auditing security relevant events such as logins, administrator actions, use of trusted channel and path, cryptographic operations, resource limitation exceeded, etc. Each audit event includes the date and time of the event, the type of event, the subject identity (if applicable), and the outcome of the event. 
The administrator can include and exclude events to be audited based on specific criteria. The TOE can detect security events and violations based on signatures and perform the appropriate action, such as alerting the administrator or denying access.</p>\r\n<p class=\"Body\"><strong>Cryptographic Support</strong></p>\r\n<p class=\"Body\">The TOE has been certified as a FIPS 140-2 cryptographic module (FIPS 140-2 certificates #1297, #1116, #1109, #1077, and #1075) at Security Level 2. When in FIPS mode, the cryptographic module employs only FIPS-approved RNG, key generation, key establishment, zeroization, encryption, digital signature, and hashing algorithms.</p>\r\n<p class=\"Body\"><strong>User Data Protection</strong></p>\r\n<p class=\"Body\">The TOE provides both firewall policies and access control lists (ACLs) to control information flow. Firewall policies identify specific characteristics of a data packet and specify the action to take based on that identification. ACLs provide a method of restricting certain types of traffic on a physical port based on IP address, port, protocol, etc. Administrators can apply firewall policies to user roles, giving differential treatment to different users on the same network, or to physical ports, applying the same policy to all traffic through the port. The TOE can also group wireless clients into separate virtual LANs (VLANs). The TOE protects the data between itself and the wireless clients using AES or TDES.
The TOE ensures that any previous information content is made unavailable upon the allocation of a memory buffer to a network packet.</p>\r\n<p class=\"Body\"><strong>Identification and Authentication</strong></p>\r\n<p>The TOE can maintain administrator and user attributes, including credentials such as username and password for administrators and session key and role for remote authenticated users (username and password can be stored in the TOE&rsquo;s internal database or in an authentication server in the operational environment). The TOE requires identification and authentication of administrators managing the TOE, performed locally against the internal database, remotely through an external authentication server, or both. The TOE provides various mechanisms for identifying and authenticating wireless clients, including captive portal and 802.1X. After an administrator-specified number of failed authentication attempts, the user account is locked out. In addition, the password mechanism can be configured to enforce a minimum length of six characters.</p>\r\n<p class=\"Body\"><strong>Security Management</strong></p>\r\n<p class=\"Body\">The TOE provides the capability to manage auditing, cryptographic operations, intrusion protection functions, password minimum length enforcement, user accounts, policy and ACL rules, the advisory banner, and the timeout (inactivity threshold) value. The management functions are restricted to an administrator role. The role must have the appropriate access privileges or access will be denied. The wireless user role has no access to the management interfaces. The information flow policy blocks packets by default and only administrators can change the default values. The FIPS-validated TOE ensures that only secure values are accepted for security attributes.</p>\r\n<p class=\"Body\"><strong>Protection of the TSF</strong></p>\r\n<p class=\"Body\">The TOE provides integrity protection for all communication between its components.
This prevents unauthorized modification of TSF data during transmission. The TOE also provides self-tests to ensure the correct operation of the cryptographic functions and TSF hardware. The administrator has the option to verify the integrity of stored TSF executable code. The communication between the TOE and another trusted IT product (e.g., NTP, syslog, RADIUS) is protected through a trusted channel. The communication between the TOE and remote administrators is protected through a trusted path.</p>\r\n<p class=\"Body\"><strong>Resource Utilization</strong></p>\r\n<p class=\"Body\">The TOE can enforce maximum usage quotas on the number of concurrent sessions available to each named group of users.</p>\r\n<p class=\"Body\"><strong>TOE Access</strong></p>\r\n<p class=\"Body\">The TOE allows administrators to configure an inactivity period for a user&rsquo;s session. Once the session has been inactive for that period, it is terminated. A warning banner is displayed at the management interfaces (Web GUI and CLI) to advise users of appropriate use and the penalties for misuse of the system.</p>\r\n<p class=\"Body\"><strong>Trusted Path/Channels</strong></p>\r\n<p class=\"Body\">The TOE provides an encrypted channel between itself and third-party trusted IT entities in the operating environment. The TOE also provides a protected communication path between itself and wireless users.</p>","features":[]}