Wireless access controller gets FIPS validation
Aruba product line keeps rogue WiFi devices away from the network
- By William Jackson
- May 18, 2005
A wireless access control system from Aruba Wireless Networks Inc. of Sunnyvale, Calif., has been validated under the Federal Information Processing Standards.
The Aruba Mobility Controller, a family of wired/wireless LAN switch systems that provides centralized management of dumb access points, received FIPS-140-2 Level 2 certification. The certification applies to an IPSec virtual private network implementation using the Advanced Encryption Standard or Triple Data Encryption Standard algorithms.
The controller remains under evaluation for data-link AES encryption at Layer 2, and a stateful inspection firewall in the controller is undergoing Common Criteria evaluation.
'We are strong proponents of layered security,' said Jon Green, Aruba's directory of consulting engineering.
The primary market for the Mobility Controller has been in the financial services and health care sectors, but some federal users have been testing the product since it began FIPS evaluation, Green said.
'A good number of our customers buy the product because they want to shut down wireless and keep people out,' he said. There is no requirement for FIPS in this kind of application, but validation can help provide a transition to pervasive use of wireless LANs.
Aruba's Mobility Controllers combine 10/100/1000 Mbps Ethernet switching, a stateful firewall, VPN termination, wireless intrusion protection and radio frequency management. The products make it easier for network managers to maintain wireless access points because new services and policies can be implemented at the controller level and quickly distributed throughout the organization, according to the company.
Because functionality resides in the controller, access points become dumb devices that do not have to be secured or managed. The controller comes in several models: The Aruba 800, which can support up to 16 access points; the 2400, which can support up to 48 access points; and the 5000, which can support from 48 to 256 access points. An Aruba 6000 model can handle up to 512 access points, 8,000 simultaneous connections and up to 7.2 Gbps of encrypted throughput.
The controller also provides wireless intrusion prevention and containment of rogue access points, radio spectrum monitoring and management, packet and session inspection and supports RSA SecurID and other tokens and smart cards for authentication.
William Jackson is freelance writer and the author of the CyberEye blog.