User Guide
Wi-Fi Array
422 Appendix D: Implementing Security Stan-
The pci-audit command checks the following items:
z Telnet is disabled.
z Admin RADIUS is enabled (admin login authentication is via RADIUS
server).
z An external Syslog server is in use.
z All SSIDs must set encryption to WPA or better (which also enforces
802.1x authentication)
Sample output from this command is shown below.
Figure 190. Sample output of pci-audit command
Implementing FIPS Security on the Wi-Fi Array
On the Wi-Fi Array Wi-Fi Arrays may be configured to satisfy the requirements
for Level 2 of Federal Information Processing Standard (FIPS) Publication 140-2.
The procedure in this section lists simple steps that must be followed exactly to
implement FIPS 140-2, Level 2. The procedure includes physical actions, and
parameters that must be set in Web Management Interface (WMI) windows in the
Security section and in other sections.
The following topics are discussed:
z “To implement FIPS 140-2, Level 2 using WMI” on page 423.
z “To check if an Array is in FIPS mode:” on page 428
z “To implement FIPS 140-2, Level 2 using CLI:” on page 428
SS-Array(config)# pci-audit
PCI audit failure: telnet enabled.
PCI audit failure: admin RADIUS authentication disabled.
PCI audit failure: SSID ssid2 encryption too weak.
PCI audit failure: SSID ssid3 encryption too weak.
PCI audit failure: SSID ssid4 encryption too weak.
PCI audit failure: SSID ssid5 encryption too weak.
PCI audit failure: SSID ssid6 encryption too weak.