Government and Military

 View Only
  • 1.  FIPS 140-2 AP options

    Posted Apr 21, 2020 04:06 PM

    We're a small/medium DoD supplier with three facilities and have been told we need FIPS Validated Access Points.  I am looking at Aruba but do not see any *Instant* Access Points newer than the 2xx series on the CSRC (https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program/Validated-Modules/Search)

     

    Is the IAP line not viable for FIPS validated wireless access?  We don't (currently) need the complexity/cost of Mobility Master and a Controller.

     

    I'm having a hard time finding any more info on this.  From what I've read, the AP-3xx (Campus APs?) are not capable of running in Instant mode.

     

    Can anyone confirm my findings?  I really don't want to go back to Ruckus now that they've been acquired by private equity.



  • 2.  RE: FIPS 140-2 AP options
    Best Answer

    Posted Apr 21, 2020 05:07 PM

    IAP has historically taken lower priority on validations than controller-based ArubaOS, just based on what our government customers tend to buy the most of.  That said, there is an ongoing FIPS validation effort right now which includes the IAP 300 series - you'll see it at https://csrc.nist.gov/projects/cryptographic-module-validation-program/modules-in-process/modules-in-process-list.  It's in "box 3" (in review) right now so it's waiting on NIST.  Given the current virus situation, we're not sure how much work is getting done at NIST though, so I can't give you an estimated completion date.

     

    Hope that helps...



  • 3.  RE: FIPS 140-2 AP options

    Posted Apr 21, 2020 05:40 PM

    Jon - thank you for the quick reply!  With the new CMMC regulation, I'm sure there will be others looking at IAP solutions this year as they strive for compliance (and ultimately passing the audit!)

     

    Good to know there is a solution from Aruba in NIST's court.  Perhaps by the time we're ready to implement they will have passed the testing.