Aruba Networks FIPS 140-2 Manuel D’Utilisation

Service

Description

CSPs Accessed (see section 6
below for complete description of
CSPs)

Creation/use of secure
management session between
module and CO

The module supports use of
IPSec for securing the
management channel.



IKE Preshared Secret



DH Private Key



DH Public Key



IPSec session encryption
keys



IPSec session
authentication keys



RSA key pair

Creation/use of secure mesh
channel

The module requires secure
connections between mesh points
using 802.11i



WPA2-PSK



802.11i PMK



802.11i PTK



802.11i EAPOL MIC
Key



802.11i EAPOL
Encryption Key



802.11i AES-CCM key



802.11i GMK



802.11i GTK



802.11i AES-CCM key

System Status

CO may view system status
information through the secured
management channel

See creation/use of secure
management session above.

4.2.2 User Services

The User services defined in Remote AP FIPS mode and CPSec protected AP FIPS mode shares the same
services with the Crypto Officer role, please refer to Section 4.2.1, “Crypto Officer Services”. The
following services are provided for the User role defined in Remote Mesh Portal FIPS mode and Remote
Mesh Point FIPS mode.