Question: In which network scenarios do I need FIPS-compliant APs?
Product and Software: This article applies to Aruba AP-65-F1, AP-70-F1, AP-124-F1, AP-125-F1, AP-85-TX-F1, AP-85-LX-F1, AP-85-LX-EU-F1, AP-85-FX-F1, AP-85-FX-EU-F1.
The Aruba centralized architecture ensures that all the WLAN cryptographic functions are carried out by the Aruba Controller. FIPS compliance is achieved with a FIPS-validated Aruba Controller.
However, in special network design instances, the AP is responsible for the cryptography. In such cases, the APs should be FIPS-validated to have a FIPS-compliant network.
Examples of a FIPS-compliant network setup:
- Mesh bridging: In this setup, the wired network is bridged to the WLAN and the traffic in-bound from the wired network must be encrypted by the AP at FIPS standard.
- RAP split-tunneling: The traffic that is destined to the Internet is processed by the AP and it is responsible for cryptographic functions of that traffic.
In both these cases, FIPS-validated APs should be used. FIPS-validated APs have a different Part ID from non-FIPS APs.