Dell PowerConnect W-Series FIPS Dell PowerConnect W-600 Controller Series Secu - Page 28
Alternating Bypass State, Mitigation of Other Attacks, XSec, RSA Pairwise Consistency test
View all Dell PowerConnect W-Series FIPS manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 28 highlights
number with the random number generated in the previous round and enters an error state if the comparison is successful. The test is performed for approved as well as non-approved RNGs. Bypass test RSA Pairwise Consistency test ECDSA Pairwise Consistency test Firmware Load Test Self-test results are logged in a log file. Upon successful completion of the power-up self tests, the module logs a KATS: passed message into a log file. Confirm the file update by checking the associated time of the file. In the event of a hardware KATs failure, the log file records one of the following messages depending on the algorith being tested: AES256 HMAC-SHA1 hash failed AES256 Encrypt failed AES256 Decrypt Failed 3DES HMAC-SHA1 hash failed 3DES Encrypt failed 3DES Decrypt Failed DES HMAC-SHA1 hash failed DES Encrypt failed DES Decrypt Failed HW KAT test failed for AESCCM CTR. Rebooting AESCCM Encrypt Failed This text is followed by this message: The POST Test failed!!!! Rebooting... Alternating Bypass State The controller implements an alternating bypass state when: a port is configured in trusted mode to provide unauthenticated services a configuration provides wireless access without encryption The alternating bypass status can be identified by retrieving the port configuration or the wireless network configuration. Mitigation of Other Attacks ArubaOS includes two modules that provide protection from attacks. These are: XSec Wireless Intrusion Protection XSec xSec is a highly secure data link layer (Layer 2) protocol that provides a unified framework for securing all wired and wireless connections using strong encryption and authentication. xSec provides greater security than Layer 3 encryption technologies through the use of FIPS-validated encryption algorithms (AES-CBC256 with HMAC-SHA1) to secure Layer 2 traffic, as well as the encryption of Layer 2 header information including MAC addresses. xSec was jointly developed by Aruba Networks and Funk Software. 26 | FIPS 140-2 Level 2 Features Aruba 620, 650 and Dell W-620, W-650 | FIPS 140-2 Level 2 Release Supplement