The 3e-525A-3 Access System is a wireless LAN access system. The 3e-525A-3 Access System is a ruggedized access point intended for use in industrial and external environments. It provides a secure, yet flexible, WLAN environment comprised of two components: (a) the 3e-525A-3 Wireless Access Point (3e-WAP), and (b) the 3e-030-2 Security Server. (3e-SS).
\r\nThe access system is a fully functional WLAN platform with augmented security functionality. While the system can provide standard 802.11a/b/g wireless access, the system can provide enhanced protection through a variety of cryptographic features, providing a high level of security for wireless environments. The 3e-WAP contains FIPS 140-2 Validated Level 2 secure encryption modules, with EAP-TLS provided by the 3e-SS software using the DKE Key exchange method when used in conjunction with 3e-010F clients. The 3e-WAP also includes 802.11i support. This product is expected to be used with FIPS 140-2 Validatedâ„¢ Cryptomodule Client Software 3e-010F-A-2 Version 2.0 Build 18 which is the subject of a separate concurrent evaluation by the same lab.
\r\nThe 3e-WAP is a ruggedized wireless access point that meets both military and enterprise environment requirements, and the entire box is included within the TOE. The hardware main board consists of an Intel Xscale IXP 425 processor, which processes encrypted and unencrypted traffic on both the wireless and wired networks to which the 3e-WAP interfaces. The processor runs at 533 MHz. There are 8M bytes of flash memory, and 64M bytes of RAM. Both external ports and internal ports are available on the hardware main board. External ports include one 10/100 Mbps WAN Ethernet port, one 10/100 Mbps LAN Ethernet port, one external USB host port, and a reset button. Internal ports include two mini-PCI interfaces for wireless adapters and one each of the following: JTAG interface, MII bus, I2C port, UART port, and 16-bit expansion port for expansion. There are LED indicators on the box. They are for AC power, WAN activities, PCI 1 active, PCI 2 active, and FIPS mode indicator.
\r\nThe 3e-WAP supports multiple RFs (802.11a/b/g) and the following additional functionality: AES/3DES encryption, Unicast/Broadcast key setting, 802.1x packet awareness, standard WDS (Wireless Data Service), sniffing, i.e., receiving all the wireless packets in the same channel in the air and “passing” them up the network stack (i.e. encapsulating the packets) to the application layer OS and WPA and WPA2 (Wi-Fi Protected Access). The 3e-WAP includes a USB master controller which provides connectivity to external equipment such as a USB printer. Two types of Ethernet ports are provided by the 3e-WAP: one for WAN connection, and the other for protected LAN connection.
\r\nThe 3e-SS is a software package which is installed on a Windows 2000 Server or Windows 2003 Server system. The operating system and computer on which the 3e-SS is installed are not included in the TOE, only the provided 3e-SS software. The physical boundary for the 3e-SS component of the TOE then is the environment needed for effective operation of the component itself. This would include a server with the installed operating system and a network connection to the 3e-WAP.
","evaluation_configuration":null,"security_evaluation_summary":"The evaluation was carried out in accordance with the Common Criteria Evaluation and Validation Scheme (CCEVS) processes and procedures. TOE was evaluated against the criteria contained in the Common Criteria for Information Technology Security Evaluation, Version 2.3. The evaluation methodology used by the evaluation team to conduct the evaluation is the Common Methodology for Information Technology Security Evaluation, Version 2.3.
\r\nCygnaCom Solutions has determined that the product meets the security criteria in the Security Target, which specifies an assurance level of EAL 2 augmented with, ACM_SCP.1 (TOE CM Coverage), ALC_FLR.2 (Flaw Remediation), ACM_CAP.3 (Authorization Controls), and AVA_MSU.1 (Misuse - Examination of Guidance).
\r\nA team of validators, on behalf of the CCEVS Validation Body, monitored the evaluation. The evaluation was completed in September 2006.
","environmental_strengths":"The access system is a fully functional WLAN platform with augmented security functionality. While the system can provide standard 802.11a/b/g wireless access, the system can provide enhanced protection through a variety of cryptographic features, providing a high level of security for wireless environments. The 3e-WAP contains FIPS 140-2 Validated Level 2 secure encryption modules, with EAP-TLS provided by the 3e-SS software using the DKE Key exchange method when used in conjunction with 3e-010F clients. The 3e-WAP also includes 802.11i support.
\r\n","features":[]}