Specifications

2.8 TOE Component Communication Methods

The evaluated configuration of the TOE consists of several components that work together to

provide the TOE functionality described in this ST. Table 8 details the secure communication

methods used between TOE components:

Table 7 TOE Component Communication Methods

To/From a TOE

Component

Communication Method

Between Controller and

ACS

RADIUS with AES Key Wrap

Between Controller and

APs

CAPWAP

Between Controllers

EoIP tunnels using SSL

Between APs

Authenticated AP to AP wireless neighbor messages

(AES encrypted)

3 Conformance Claims

3.1 Protection Profile Reference

This ST claims conformance to the US Government Wireless Local Area Network (WLAN)

Access System Protection Profile (PP) For Basic Robustness Environments, version 1.1, July

25, 2007 (pp_wlan_as_br_v1.1)

3.2 Protection Profile Refinements

This ST makes the following refinements to the PP referenced above:

1) The term “FIPS 140-1/2” was replaced with the term “FIPS 140-2” to reflect the

validation scheme under which all TOE cryptomodules were evaluated,

2) The Table associated with FAU_GEN.1(1) was refined in the following ways:

1. to indicate iteration numbers for FIA_ATD.1, and FIA_USB.1;

2. to add additional rows added via refinement for FCS_BCM_(EXT).1, FCS_CKM.2,

FCS_COP.1(1), FCS_COP.1(2), FMT_SMF.1(1), FMT_SMF.1(2), FMT_SMF.1(3),

FPT_ITT.1, FTP_TST_(EXT).2 and FTA_TAB.1;

3. to change the FIA_UID.1 row to FIA_UID.2;

4. to remove FMT_REV.1; and

5. to correct typos FDP_PUD.1_(EXT) to FDP_PUD_(EXT).1 and 2nd

FCS_CKM.1(1) to FCS_CKM.1(2)