Fortress Technologies ecure Wireless Access Bridge User Manual
Fortress Bridge: Introduction
3
3) User authentication requires the user of a connecting
device to enter a recognized user name and valid creden-
tials, a password, for example, or a digital certificate. The
Fortress Security System can authenticate users locally or
through existing user-authentication provisions.
tials, a password, for example, or a digital certificate. The
Fortress Security System can authenticate users locally or
through existing user-authentication provisions.
1.3.2
Strong Encryption at the MAC Layer
Fortress ensures network privacy at the Media Access Control
(MAC) sublayer, within the Data Link Layer (Layer 2) of the
Open System Interconnection (OSI) networking model. This
allows a transmission’s entire contents, including the IP
address and any broadcast messages, to be encrypted.
Additionally, Fortress supports the FIPS-validated encryption
algorithm: AES-128/192/256.
(MAC) sublayer, within the Data Link Layer (Layer 2) of the
Open System Interconnection (OSI) networking model. This
allows a transmission’s entire contents, including the IP
address and any broadcast messages, to be encrypted.
Additionally, Fortress supports the FIPS-validated encryption
algorithm: AES-128/192/256.
1.3.3
System Components
The Fortress Security System comprises three components:
A Fortress controller device (Gateway/Controller/Bridge)
provides internal network security by bridging encrypted
wired or wireless communications to the wired LAN or by
remotely bridging point-to-point or -multipoint LAN and
WLAN connections.
provides internal network security by bridging encrypted
wired or wireless communications to the wired LAN or by
remotely bridging point-to-point or -multipoint LAN and
WLAN connections.
The Fortress Secure Client provides device security and
secure wireless connectivity for mobile devices connected
to networks protected by a Fortress controller device.
secure wireless connectivity for mobile devices connected
to networks protected by a Fortress controller device.
Fortress Management and Policy Server (MaPS™)
provides centralized management of network devices and
resources, as well as rules-based access control and
network, device and user authentication, by itself or
integrated with back-end corporate authentication servers.
provides centralized management of network devices and
resources, as well as rules-based access control and
network, device and user authentication, by itself or
integrated with back-end corporate authentication servers.
1.3.4
Operating Modes
The Fortress Security System can be operated in either of two,
mutually exclusive modes.
mutually exclusive modes.
1.3.4.1
Normal Operating Mode
In Normal operating mode, the Fortress Security System
provides the highest available level of network security, without
the additional safeguards Federally mandated for some
government networks. Normal mode of operation is generally
more than adequate for even the most stringent security and
privacy requirements in unregulated environments.
In Normal operating mode, the Fortress Security System
provides the highest available level of network security, without
the additional safeguards Federally mandated for some
government networks. Normal mode of operation is generally
more than adequate for even the most stringent security and
privacy requirements in unregulated environments.
1.3.4.2
FIPS Operating Mode
In FIPS mode, the Fortress Security System complies fully with
the Federal Information Processing Standards (FIPS) 140-2
standard for cryptographic products. Because of its added
administrative complexities, however, FIPS mode is
recommended only for networks that explicitly require FIPS
compliance.
In FIPS mode, the Fortress Security System complies fully with
the Federal Information Processing Standards (FIPS) 140-2
standard for cryptographic products. Because of its added
administrative complexities, however, FIPS mode is
recommended only for networks that explicitly require FIPS
compliance.