Ir para a página of
Manuais similares
-
Network Card
Dell H810
87 páginas 2.66 mb -
Network Card
Dell H810
87 páginas 2.66 mb -
Network Card
Dell 100-Mbps
80 páginas 2.67 mb -
Network Card
Dell H710
87 páginas 2.66 mb -
Network Card
Dell AP-175
45 páginas 1.11 mb -
Network Card
Dell 9200
170 páginas 3.69 mb -
Network Card
Dell R710
208 páginas 5.65 mb -
Network Card
Dell W- AP92
45 páginas 1.11 mb
Bom manual de uso
As regras impõem ao revendedor a obrigação de fornecer ao comprador o manual com o produto Dell AP-134. A falta de manual ou informações incorretas fornecidas ao consumidor são a base de uma queixa por não conformidade do produto com o contrato. De acordo com a lei, pode anexar o manual em uma outra forma de que em papel, o que é frequentemente utilizado, anexando uma forma gráfica ou manual electrónicoDell AP-134 vídeos instrutivos para os usuários. A condição é uma forma legível e compreensível.
O que é a instrução?
A palavra vem do latim "Instructio" ou instruir. Portanto, no manual Dell AP-134 você pode encontrar uma descrição das fases do processo. O objetivo do manual é instruir, facilitar o arranque, a utilização do equipamento ou a execução de determinadas tarefas. O manual é uma coleção de informações sobre o objeto / serviço, um guia.
Infelizmente, pequenos usuários tomam o tempo para ler o manual Dell AP-134, e um bom manual não só permite conhecer uma série de funcionalidades adicionais do dispositivo, mas evita a formação da maioria das falhas.
Então, o que deve conter o manual perfeito?
Primeiro, o manual Dell AP-134 deve conte:
- dados técnicos do dispositivo Dell AP-134
- nome do fabricante e ano de fabricação do dispositivo Dell AP-134
- instruções de utilização, regulação e manutenção do dispositivo Dell AP-134
- sinais de segurança e certificados que comprovam a conformidade com as normas pertinentes
Por que você não ler manuais?
Normalmente, isso é devido à falta de tempo e à certeza quanto à funcionalidade específica do dispositivo adquirido. Infelizmente, a mesma ligação e o arranque Dell AP-134 não são suficientes. O manual contém uma série de orientações sobre funcionalidades específicas, a segurança, os métodos de manutenção (mesmo sobre produtos que devem ser usados), possíveis defeitos Dell AP-134 e formas de resolver problemas comuns durante o uso. No final, no manual podemos encontrar as coordenadas do serviço Dell na ausência da eficácia das soluções propostas. Atualmente, muito apreciados são manuais na forma de animações interessantes e vídeos de instrução que de uma forma melhor do que o o folheto falam ao usuário. Este tipo de manual é a chance que o usuário percorrer todo o vídeo instrutivo, sem ignorar especificações e descrições técnicas complicadas Dell AP-134, como para a versão papel.
Por que ler manuais?
Primeiro de tudo, contem a resposta sobre a construção, as possibilidades do dispositivo Dell AP-134, uso dos acessórios individuais e uma gama de informações para desfrutar plenamente todos os recursos e facilidades.
Após a compra bem sucedida de um equipamento / dispositivo, é bom ter um momento para se familiarizar com cada parte do manual Dell AP-134. Atualmente, são cuidadosamente preparados e traduzidos para sejam não só compreensíveis para os usuários, mas para cumprir a sua função básica de informação
Índice do manual
-
Página 1
1 FIPS 140-2 Non-Proprietary Security Policy for Aruba AP-13 4, AP -135 and Dell W- AP 134, W - A P1 35 Wireless A ccess Points Version 1.2 February 20 12 Aruba Networks™ 1322 Crossman Ave. Sunnyvale, C A 94089- 1113[...]
-
Página 2
2[...]
-
Página 3
3 1 INTRODUCTION .................................................................................................................................. 5 1.1 A RUBA D ELL R ELATIONSHIP ............................................................................................................. 5 1.2 A CRONYMS A ND A BBREVIATION S ......................[...]
-
Página 4
4 4.1.3 Wireless Clien t Authenticatio n ................................................................................................. 23 4.1.4 Strength of Authentication Mech anisms ................................................................................... 23 4.2 S ERVICES ..............................................................[...]
-
Página 5
5 1 Introduction This document constitutes t he non-prop rietary Cryptographic Mod ule Security Policy for the AP - 134 , AP- 135 Wireless Access Points with FIP S 140 -2 Level 2 validation fro m Aruba Networks. This securit y policy describes how the AP meets the securit y requirements of FIPS 1 40 -2 Level 2, and how to place and maintain the AP [...]
-
Página 6
6 SHA Secure Hash Algorithm SN MP Sim ple Network Management Protocol SPOE Serial & Power Over Ethernet TEL Tamper-Evident Label TFTP Trivial File Transfer Proto col WLAN Wireless Local Area Network[...]
-
Página 7
7 2 Product O v er v iew This section i ntroduces the var ious Aruba Wireless Access P oin ts, providing a brief overview and sum mary of the physical features of eac h model covered b y this FIPS 140 -2 security polic y. 2.1 AP - 134 This section introduces t he Aruba AP- 134 Wireless Access Po int (AP) with FIPS 140 -2 Level 2 validation. It desc[...]
-
Página 8
8 The module provides the foll owing po wer interfaces: 48V DC 802.3af or 80 2.3at or P oE + interoperable Po w er -over-Ethernet (Po E) with i ntelli-source PSE sourcing intelligence 12V DC for external AC s upplied power (adapter so ld separately) 2.1.1.3 Indicator LEDs There are 5 bicolor (power, EN ET and WLAN) LEDs which o perate as fo[...]
-
Página 9
9 2.2 AP -1 35 This section introduces t he Aruba AP- 13 5 W ireless Access P oint (AP) with FIPS 140 -2 Level 2 validation. It describes the purp ose of the AP, its physical a ttributes, and its interfaces. The Aruba AP- 13 5 is hi gh-performance 802.1 1n (3x3:3) MIMO, dual-radio (concurrent 8 02.11a/n + b/g/n) indoor wireless access point s capab[...]
-
Página 10
10 5V DC for external AC supplied power (adapter sold separately) 2.2.1.3 Indicator LEDs There are 5 b icolor (power, ENET and WLAN) LEDs which oper ate as follows: Table 2- AP -1 35 Indicator LEDs Label Function Action Status PWR AP power / read y status Off No power to AP Red Initial power-up co ndition Flashing – Green Device booting, not [...]
-
Página 11
11 3 Module Objecti v es This section d escribes th e a ssurance level s for each o f the areas described in the FIPS 140 -2 Standar d. In addition, it pro vides information on placing the module i n a FIPS 140 -2 approved configuration. 3.1 Security Levels Section Section Title Level 1 Cryptographic Module Sp ecification 2 2 Cryptographic Module P[...]
-
Página 12
12 3.2.2 AP - 134 TEL Placement This section displays all the TEL locations of the Aruba AP -134. T he A P-134 requires a minimum o f 5 TELs to be applied as follo ws: 3.2.2.1 To detect openin g of the chassis cover: 1. Spanning the bottom and top chassis covers and placed in the front left corner 2. Spanning the bottom and top chassis covers and p[...]
-
Página 13
13 Figure 4 : AP -134 Top View Figure 5: AP -134 Right View Figure 6: AP -134 Bottom View 3.2.3 AP - 135 TEL Placement This section displays all the T EL locations of the Aruba A P- 135 . The A P-134 requires a m inimum of 5 TELs to be applied as follows: 3.2.3.1 To detect openi ng of the chassis cov er: 1. Spanning the bottom and top chassis cover[...]
-
Página 14
14 2. Spanning the bottom and top chassis covers and placed in the back left corner 3. Spanning the chassis scre w on the botto m left corner 4. Spanning the chassis screw on the botto m right corner 3.2.3.2 To detect access to re stricted ports 5. Spanning the serial por t Following is the T EL placement for the AP - 135 : Figure 7 : AP -135 Front[...]
-
Página 15
15 Figure 11: AP -135 Top view Figure 12: AP - 135 Bottom View 3.2.4 Inspection/Testing of Physical Security Mechanisms Physical Security M echanism Recommended Te st Frequency Guidance Tamper-evident labels (T ELs) Once per month Examine for any sign of remo val, replacement, tearing, etc. See images above for locations of TELs Opaque module enclo[...]
-
Página 16
16 3.3 Modes of Operat ion The module has the following FIP S approved modes of operations: • Remote AP (RAP) FIPS mode – W hen the module is configured as a Remote AP, it is intended to be deploy ed in a remote location (relative to the Mobility Controller ). T he module pro vides cryptographic processing i n the for m of IPSec for all traffic[...]
-
Página 17
17 6. If the staging contro ller does not p rovide PoE, either ensure the presence of a P oE injector for the LAN connection bet ween the module and the co ntroller, or ensure t he presence o f a DC po wer supply appropriate to the particular model of the module. 7. Connect the module via an Ethernet cable to the sta ging contr oller ; note that th[...]
-
Página 18
18 7. Connect the module via an Ethernet cable to the sta ging controller; no te that this should b e a direc t connection, with no intervening net work or devices; i f Po E is being supplied by an inj ector, th is represents the o nly exception. That is, nothing o ther than a P oE injector should b e present b etween the module and the sta ging co[...]
-
Página 19
19 Section “ Pr ovisioning an Indi vidual AP ” o f Chapter “ The Basic User-Centric Net works ” o f the Aruba OS User Guide. Click “Apply and Reboot” to complete the provisioning pro cess. a. During the provisioning proce ss as Remote Mesh Portal, if Pre -shared ke y is selected to be the Re mote IP Authentication Me thod, the IKE pre-s[...]
-
Página 20
20 represents the o nly exception. That is, nothing o ther than a P oE injector should b e present b etween the module and the sta ging controller. 8. Once t he module is co nnected to the co ntroller by the Ethernet cable, navigate to the Configuration > Wireless > AP Installation page, where you sho uld see an entr y for the AP. Select that[...]
-
Página 21
21 3.5 Logical Interfaces The ph ysical interfaces are d ivided into logical interface s defined b y FIP S 140 -2 as described in the following table. FI PS 140-2 Logical Interface Module Physical Interfa ce Data Input Interface 10/100/1000 Ethernet P orts 802.11a/b/g/n Radio T ransceiver Data Output Interface 10/100/1000 Ethernet P orts 802.11a/b/[...]
-
Página 22
22 4 Roles, A u thentication an d Services 4.1 Roles The module s upports the roles of Cr ypto Officer, User , and Wireless Client; no additio nal roles ( e.g., Maintenance) are suppo rted. Ad ministrative op erations car ried out by the Aruba Mobility C ontroller map to the Crypto Officer role. The Cr ypto Officer ha s t he ability to co nfigure, [...]
-
Página 23
23 4.1.2 User Authentication Authentication for the User role depends on the module configuration. When the module is configured as a Remote Mesh Portal FIP S mode and Re mote Mesh P oint FIP S mode, the U ser role is authenticated via t he WPA2 p re-shared ke y. When the mod ule i s co nfigured as a Remote A P FIPS mode and CPSec protected AP FIP [...]
-
Página 24
24 Authentication Mechanis m Mechanis m Strength Wireless Client WPA2-PSK (Wireless Client role) For WPA2 -PSK there are at least 95^1 6 (=4.4 x 10^31) possible combinations. In order to test a guessed key, the attac ker must complete the 4-way handshake with the AP. Pr ior to completing the 4 -way handshake, t he attacker must co mplete the 802.11[...]
-
Página 25
25 4.2 Services The module provides vario us services depending o n role. These are descr ib ed below. 4.2.1 Crypto Officer Services The CO role in each of FIP S modes defi ned in section 3.3 has the same services Service Description CSPs Accessed ( see secti on 6 below for complete descrip tion of CSPs) FIPS mode enable/di sable The CO selects/de [...]
-
Página 26
26 Service Description CSPs Accessed ( see secti on 6 below for complete descrip tion of CSPs) Creation/use of secure management session bet ween module and CO The module supports use of IPSec for securing the management channel. IKEv1/IKEv2 Preshared Secret DH Private Ke y DH Public Ke y IPSec session encr yption keys IPSec ses[...]
-
Página 27
27 Service Description CSPs Accessed ( see secti on 6 below for complete descrip tion of CSPs) 802.11i AES-C CM key 802.11i GMK 802.11i GTK Use of WPA pre -shared key for establishment of IEEE 802.11i keys When the module is i n mesh configuration, the inter -module mesh links are secured with 802.11i. This is authe nticated with a shar[...]
-
Página 28
28 System status – SYSLOG and module LEDs 802.11 a/b/g/n FTP TFTP NTP GRE tunneling of 802 .11 wireless user frames ( when acting as a “Local AP”) Reboot module b y removing/replacing power Self-test and initializatio n at power-on[...]
-
Página 29
29 5 Cryptographic Algorith ms FIPS-approved cryptographic algorithms have bee n implemented in hard w are and firmware. The firmware suppo rts the following cryptographic imple mentations. ArubaOS OpenSSL AP Module implements the follo wing FIPS -app roved algorithms: o AES (Cert. #18 51) o HMAC (Cert. #109 9) o RNG (Cert. #970 ) o RSA (Cert. [...]
-
Página 30
30 6 Critical Securit y Parameters The following Critical Sec urity Parameters (CSPs) are used by the module: CSP CSP TYPE GENERATION STORAGE And ZEROIZATI ON USE Key Encryption Ke y (KEK) Triple-DES 168 -bits key Hard-coded Stored in flash, zeroized b y th e ‘ap wipe out flash’ command. Encrypts IKEv1/IKEv2 preshared keys and configuration par[...]
-
Página 31
31 CSP CSP TYPE GENERATION STORAGE And ZEROIZATI ON USE IKEv1/IKEv2 Diffie - Hellman Private key 1024 -bit Diffie- Hellman private key Generated internall y during IKEv1/IKEv2 negotiation Stored in plaintext in volatile memory; zeroized when session is closed or system is powered off Used in establishing the session key for IPSec IKEv1/IKEv2 Diffie[...]
-
Página 32
32 CSP CSP TYPE GENERATION STORAGE And ZEROIZATI ON USE WPA2 PSK 16 - 64 character shared secret used to authenticate mesh connections and in remote AP advanced configuration CO configured Encrypted in flash using the KEK; zeroized by updating through administrative interface, or by the ‘ap wipe out flash’ command. Used to derive the PMK for 80[...]
-
Página 33
33 CSP CSP TYPE GENERATION STORAGE And ZEROIZATI ON USE 802.11i Gro up Master Key (GMK) 256 -bit secret used to derive GTK Generated from appro ved RNG Stored in plaintext in volatile memory; zeroized o n reboot Used to derive Group Transient Key (GTK) 802.11i Gro up Transient Ke y (GTK) 256 -bit shared secret used to derive group (multicast) encry[...]
-
Página 34
34 7 Self T es t s The module perfor ms the follo wing Self Tests af ter being config ured into either Re mote AP mode or Remote Mesh P ortal mode. The module perfor ms both po wer-up and co nditional self -tests. In t he event an y self-test fails, the module enters an error state, lo gs the error, and reboo ts automatically. The module performs t[...]
-
Página 35
35 Self-test results are written to the serial console. In the event of a K ATs failure, the AP logs different messages, dep ending on the error. For an ArubaOS OpenSS L AP module and ArubaOS c ryptographic m odule KAT failure: AP rebooted [DATE][TIME] : Restarting System, SW FIPS KAT failed For an AES Atheros hardware POST failure: Starting HW SHA[...]