We're a small/medium DoD supplier with three facilities and have been told we need FIPS Validated Access Points. I am looking at Aruba but do not see any *Instant* Access Points newer than the 2xx series on the CSRC (https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program/Validated-Modules/Search)
Is the IAP line not viable for FIPS validated wireless access? We don't (currently) need the complexity/cost of Mobility Master and a Controller.
I'm having a hard time finding any more info on this. From what I've read, the AP-3xx (Campus APs?) are not capable of running in Instant mode.
Can anyone confirm my findings? I really don't want to go back to Ruckus now that they've been acquired by private equity.
IAP has historically taken lower priority on validations than controller-based ArubaOS, just based on what our government customers tend to buy the most of. That said, there is an ongoing FIPS validation effort right now which includes the IAP 300 series - you'll see it at https://csrc.nist.gov/projects/cryptographic-module-validation-program/modules-in-process/modules-in-process-list. It's in "box 3" (in review) right now so it's waiting on NIST. Given the current virus situation, we're not sure how much work is getting done at NIST though, so I can't give you an estimated completion date.
Hope that helps...
Jon - thank you for the quick reply! With the new CMMC regulation, I'm sure there will be others looking at IAP solutions this year as they strive for compliance (and ultimately passing the audit!)
Good to know there is a solution from Aruba in NIST's court. Perhaps by the time we're ready to implement they will have passed the testing.
© Copyright 2023 Hewlett Packard Enterprise Development LPAll Rights Reserved.