Reference Guide
Aruba 600 Series Controllers FIPS 140-2 Level 2 Security Policy|13
Physical Security
The Aruba Controller is a scalable, multi-processor standalone network device and is enclosed in a robust
housing. The controller enclosure is resistant to probing and is opaque within the visible spectrum. The
enclosure of the module has been designed to satisfy FIPS 140-2 Level 2 physical security requirements.
The Aruba 600 Series Controller requires Tamper-Evident Labels (TELs) to allow the detection of the
opening of the chassis cover and to block the Serial console port.
To protect the Aruba 600 Series Controller from any tampering with the product, TELs should be applied
by the Crypto Officer as covered under “Tamper-Evident Labels” in this document.
Operational Environment
The operational environment is non-modifiable. The control plane Operating System (OS) is Linux, a real-
time, multi-threaded operating system that supports memory protection between processes. Access to the
underlying Linux implementation is not provided directly. Only Aruba Networks provided interfaces are
used, and the CLI is a restricted command set.
Logical Interfaces
All of these physical interfaces are separated into logical interfaces defined by FIPS 140-2, as described
in the following table.
Table4 FIPS 140-2 Logical Interfaces
FIPS 140-2 Logical Interface Module Physical Interface
Data Input Interface
10/100MbpsEthernetPort
10/100/1000MbpsEthernetPort
ExpressCardslot(disabled)
USB2.0ports
Data Output Interface
10/100MbpsEthernetPort
10/100/1000MbpsEthernetPort
ExpressCardslot(disabled)
USB2.0ports
Control Input Interface
10/100MbpsEthernetPort
10/100/1000MbpsEthernetPort
ExpressCardslot(disabled)
MediaEjectButton
SerialConsoleport(disabled)