FIPS 140

tspilman · ‎08-30-2003

Does anybody have experience with this security standard? We have a combination of mobile vehicles and fixed sites on a test grid. All are using either BR350's or WGB350's. We have 3 towers with one tower accessing the post LAN. All towers are using BR350's set up in root mode. The backbone between the towers are using Proxim QuickBridge 60's (1400 series were not available at the time).

We are planning on setting up more grids in the future, but need to comply with the FIPS 140-2 standard. Any DOD expertise out there?

Thanks

Tom

mvario · ‎08-31-2003

The only wireless-specific products I'm aware of are Fortress technology's AirFortress (which the army is using) and Cranite Sysems WirelessWall (which West Point is using. As far as I know those are AP to client solutions.

For you situation yu may want to you a VPN concentrator and a site-to-site VPN. See this link for current Cisco gear that is FIPS-140:

http://www.cisco.com/en/US/netsol/ns110/ns170/ns171/networking_solutions_audience_business_benefit0900aecd8009a16f.html#fips

kkulp · ‎09-02-2003

You have several options here.

First, as stated in another reply, you could build a solution around site-to-site VPNs. However, the mobile units may pose somewhat of a challenge with that solution, likely requiring the use of Cisco mobile access routers.

Additionally, the AirFortress product from Fortress technologies can be used to build a layer 2 vpn tunnel between two endpoints. It's basically as simple as placing an AirFortress bridge behind each of your Cisco wireless bridges. They will find each other and build a tunnel. Currently, AirFortress is certified at FIPS 140-1.

mvario · ‎09-08-2003

Just saw this today:

http://www.unstrung.com/document.asp?doc_id=39807

ReefEdge (wireless gateway product, layer 3 VPN) just received FIPS 140-2 Level 2 certification.