Achieving a FIPS Compliant Wireless Infrastructure using Intel Centrino Mobile Technology Clients

Similar documents
Mobilize Your Internet. Enabling the Wireless Broadband Revolution with Intel WiMAX Technology

Evolving Small Cells. Udayan Mukherjee Senior Principal Engineer and Director (Wireless Infrastructure)

Innovating and Integrating for Communications and Storage

Intel Cache Acceleration Software for Windows* Workstation

Intel Learning Series Developer Program Self Verification Program. Process Document

Intel Desktop Board DZ68DB

How to Create a.cibd File from Mentor Xpedition for HLDRC

How to Create a.cibd/.cce File from Mentor Xpedition for HLDRC

LED Manager for Intel NUC

Drive Recovery Panel

Intel Server Board S2600CW2S

How does your organization manage Privileged Users?

Intel Manageability Commander User Guide

Intel Server Board S2400SC

Intel Atom Processor E6xx Series Embedded Application Power Guideline Addendum January 2012

Embedded and Communications Group January 2010

Migration Guide: Numonyx StrataFlash Embedded Memory (P30) to Numonyx StrataFlash Embedded Memory (P33)

Intel Cluster Ready Allowed Hardware Variances

Intel RealSense Depth Module D400 Series Software Calibration Tool

Installation Guide and Release Notes

Requirements for Building Effective Government WLANs

Intel USB 3.0 extensible Host Controller Driver

Intel G31/P31 Express Chipset

Intel Atom Processor D2000 Series and N2000 Series Embedded Application Power Guideline Addendum January 2012

Intel Atom Processor E3800 Product Family Development Kit Based on Intel Intelligent System Extended (ISX) Form Factor Reference Design

Intel Extreme Memory Profile (Intel XMP) DDR3 Technology

Intel 848P Chipset. Specification Update. Intel 82848P Memory Controller Hub (MCH) August 2003

INTEL PERCEPTUAL COMPUTING SDK. How To Use the Privacy Notification Tool

Intel Desktop Board DG41CN

DoDD DoDI

Intel Desktop Board D946GZAB

Lenovo ThinkCentre M90z with Intel vpro Technology. Stefan Richards Intel Corporation Business Client Platform Division

Theory and Practice of the Low-Power SATA Spec DevSleep

Intel Desktop Board D975XBX2

The Intel SSD Pro 2500 Series Guide for Microsoft edrive* Activation

Intel Desktop Board D945GCLF2

Intel RealSense D400 Series Calibration Tools and API Release Notes

Intel Desktop Board DG31PR

Non-Volatile Memory Cache Enhancements: Turbo-Charging Client Platform Performance

Intel Server Board S2600STB

Intel Server Board S5520HC

White paper. Combatant command (COCOM) next-generation security architecture

Intel Desktop Board DG41RQ

Intel Core TM Processor i C Embedded Application Power Guideline Addendum

Intel Desktop Board D945GCCR

Intel Desktop Board D945GCLF

OpenCL* and Microsoft DirectX* Video Acceleration Surface Sharing

PROTECTED EXTENSIBLE AUTHENTICATION PROTOCOL

Data Plane Development Kit

Mobile Intel Pentium 4 Processor-M and Intel 852PM/GME/GMV Chipset Platform

Software Evaluation Guide for ImTOO* YouTube* to ipod* Converter Downloading YouTube videos to your ipod

Intel 945(GM/GME)/915(GM/GME)/ 855(GM/GME)/852(GM/GME) Chipsets VGA Port Always Enabled Hardware Workaround

Intel Server Board S1200BTS

Intel Open Source HD Graphics Programmers' Reference Manual (PRM)

Secure Government Computing Initiatives & SecureZIP

Product Change Notification

Intel X48 Express Chipset Memory Controller Hub (MCH)

Intel Core vpro Processors Common-Use Guide

Intel 82580EB/82580DB GbE Controller Feature Software Support. LAN Access Division (LAD)

Intel Desktop Board DP45SG

Mary Yeoh Intel Penang Design Center (ipdc) Intel Corporation Penang, Malaysia

Intel Setup and Configuration Service. (Lightweight)

Intel Desktop Board DP55SB

Software Evaluation Guide for CyberLink MediaEspresso *

Odyssey Access Client

Intel Platform Administration Technology Quick Start Guide

Intel Cache Acceleration Software - Workstation

Enhanced Serial Peripheral Interface (espi) ECN

Installation Guide and Release Notes

SafeNet Authentication Client

Intel Desktop Board DH61SA

Intel Desktop Board DH55TC

WLAN Security Overview

Intel Parallel Studio XE 2011 for Windows* Installation Guide and Release Notes

Intel s Architecture for NFV

Intel Core TM i7-4702ec Processor for Communications Infrastructure

Sample for OpenCL* and DirectX* Video Acceleration Surface Sharing

Product Change Notification

Data Center Energy Efficiency Using Intel Intelligent Power Node Manager and Intel Data Center Manager

BlackBerry Mobile Voice System

Strategies for the Implementation of PIV I Secure Identity Credentials

Software Evaluation Guide for WinZip 15.5*

Intel IT Director 1.7 Release Notes

The Honest Advantage

Intel Desktop Board DP67DE

Intel Open Source HD Graphics, Intel Iris Graphics, and Intel Iris Pro Graphics

Intel PROSet/Wireless WiFi Connection Utility User's Guide

Application Note. Deploying Survivable Unified Communications Solutions with the Dialogic 2000 Media Gateway Series

ARUBA MULTIZONE DATA SHEET

True Scale Fabric Switches Series

SELINUX SUPPORT IN HFI1 AND PSM2

Intel 852GME/852PM Chipset Graphics and Memory Controller Hub (GMCH)

Intel Desktop Board D102GGC2 Specification Update

Streamlined FISMA Compliance For Hosted Information Systems

The Telkonet iwire System Frequently-Asked Questions - General

Open FCoE for ESX*-based Intel Ethernet Server X520 Family Adapters

Intel Desktop Board DH61CR

Intel Server Board S1200V3RPO Intel Server System R1208RPOSHORSPP

Intel vpro Technology Virtual Seminar 2010

Product Change Notification

Transcription:

Achieving a FIPS Compliant Wireless Infrastructure using Intel Centrino Mobile Technology Clients

This document is provided as is with no warranties whatsoever, including any warranty of merchantability, noninfringement fitness for any particular purpose, or any warranty otherwise arising out of any proposal, specification or sample Information in this document is provided in connection with Intel products. No license, express or implied, by estoppels or otherwise, to any intellectual property rights is granted by this document. Except as provided in Intel's Terms and Conditions of Sale for such products, Intel assumes no liability whatsoever, and Intel disclaims any express or implied warranty, relating to sale and/or use of Intel products including liability or warranties relating to fitness for a particular purpose, merchantability, or infringement of any patent, copyright or other intellectual property right. Intel products are not intended for use in medical, life saving, or life sustaining applications. Intel does not control or audit the design or implementation of 3rd party benchmarks or websites referenced in this document. Intel encourages all of its customers to visit the referenced websites or others where similar performance benchmarks are reported and confirm whether the referenced benchmarks are accurate and reflect performance of systems available for purchase. Intel may make changes to specifications and product descriptions at any time, without notice. Designers must not rely on the absence or characteristics of any features or instructions marked reserved or undefined. Intel reserves these for future definition and shall have no responsibility whatsoever for conflicts or incompatibilities arising from future changes to them. This document contains information on products in the design phase of development. Do not finalize a design with this information. Revised information will be published when the product is available. Verify with your local sales office that you have the latest datasheet before finalizing a design. Intel Centrino, Intel PRO/Wireless Network Hardware and Intel logo are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries. Actual measurement results may vary depending on the specific hardware and software configuration of the computer system measured, the characteristics of those computer components not under direct measurement, variation in processor manufacturing processes, the benchmark utilized, the specific ambient conditions under which the measurement is taken, and other factors. All plans, features and dates are preliminary and subject to change without notice. * Third-party brands and names are the property of their respective owners. Copyright Intel Corporation 2006 FIPS Validated 140-2 is a Certification Mark of National Institute of Standards and Technology (NIST), which does not imply product endorsement by NIST, the U.S. or Canadian Governments. 2

Contents 1 Overview... 4 2 What is FIPS?... 4 3 Intel Centrino Mobile Technology... 4 3.1 Features and Benefits... 4 3.2 Total Cost of Ownership (TCO)... 6 4 Why Intel Centrino Mobile Technology Clients?... 6 3

1 Overview Private sector organizations wanting to do business with the U.S. Federal Government must use Federal Information Processing Standard (FIPS) validated network infrastructures and wireless clients to enable more secure use and communication for mobile devices and notebook computers utilizing Wi-Fi Alliance WPA2*/IEEE 802.11i* security. 2 What is FIPS? The Intel Centrino mobile technology client is FIPS compliant in security, interoperability, affordability and reliability. Intel PRO/Wireless Network Connection hardware is FIPS validated with the 3e Technologies International* (3eTI*) supplicant enabled solution. For more information on 3eTI FIPS certificate number 663, visit http://csrc.nist.gov/cryptval/140-1/140val-all.htm Federal agencies, industry and the public rely on cryptography to secure communications and protect information used in critical infrastructures, electronic commerce and other applications. The National Institute of Standards and Technology (NIST) established the Cryptographic Module Validation Program (CMVP) that validates cryptographic modules for the FIPS 140-1, 140-2 Security Requirements for Cryptographic Modules and other FIPS cryptography-based standards for protection of sensitive, unclassified data in the U.S. Government. FIPS also provides guidelines governing the design, implementation and deployment of these functions. Intel Centrino mobile technology clients are FIPS validated to deliver the compliance and requirements for achieving security, reliability, affordability, interoperability and assurance with FIPS 140-1 and 140-2 standards. 3 Intel Centrino Mobile Technology The Intel Centrino mobile technology client (hardware and software) with the 3eTI supplicant enabled solution is FIPS 140-2 certified solution that delivers increased security. The cryptographic libraries are tested and verified for the U.S. and Canadian governments, an important attribute for deploying mission-critical, highly secure mobile applications to the wide range of government organizations. The U.S. Department of Defense (DoD), Navy, Air Force, Marine Corps, Army, Coast Guard, National Guard, Reserves, Department of Homeland Security, National Institute of Justice, National Security Agency (NSA), Office of Government Policy, General Services Administrations (GSA), State Department, Department of Justice, Federal employees and contractors and most government entities use FIPS. Because of the robust security offered by FIPS-compliance, companies in financial services, healthcare, education and manufacturing are also incorporating FIPS into their wireless network infrastructures. 3.1 Features and Benefits Intel Centrino mobile technology clients accompanied with 3eTI developed 3e-010F-C-2 Cryptomodule* Software provide an optimal FIPS compliant solution. The Crypto Client is FIPS 140-2 validated as well as IEEE 802.11i-compliant and WPA2 certified. The Intel Centrino mobile technology client with the Crypto Client seamlessly works with 3 rd party vendor wireless access points for more secure wireless interoperability at an attractive price-point. The Crypto Client supports Microsoft Windows 2000* and Microsoft Windows XP* (Home and Professional Editions*) and provides IEEE 802.11a/b/g wireless access along with 4

enhanced protection through variety of cryptographic features that deliver a high level of security for wireless environments. 3eTI is a leading wireless infrastructure and application company. With its focus on the U.S. government market, 3eTI developed Crypto Client for Intel Centrino mobile technology 1. For more information about 3eTI refer to the link http://www.3eti.com/. Intel Centrino mobile technology clients meet the key requirements of new DoD and Federal WLAN Policies in order to protect IT investments with standard-based solutions. Intel/3eTI Solutions comply with DoD Wireless Security Requirements Key Requirement IEEE 802.11i EAP-TLS IEEE 802.x AES-CCM DoD PKI FIPS 140-2 Common Criteria Intel/3eTI Solutions 3eTI holds the first CCM certificate issued by NIST In evaluation for EAL 2+ (Evaluation Assurance Level) compliance 1 3e-010F-C-2 Cryptmodule* (Crypto Client Software) is FIPS-validated for Intel PRO/Wireless Network Connection 2200BG and Intel PRO/Wireless Network Connection 2915ABG. FIPS-140-2 validation for Intel PRO/Wireless Network Connection 3945ABG in progress. Intel Centrino wireless clients go beyond the DoD wireless policy baseline identified in the table by providing the following additional features and functionality: IEEE 802.11i (WPA2) baseline with additional 256-bit AES Security Layer 2 Security for Wireless Protection (separate from and independent of Layer 3 VPN design or architecture) DoD PKI (JITC certified) with password protection for multiple level authentication X.509 Certificates Availability of Custom DKE (Dynamic Key Exchange, per user, per session) Multiple location profiles Compatible with Virtual Private Networks (VPN) Site survey support FIPS 140-2 validated meets current and upcoming government security policy requirements. IEEE 802.11i and Wi-Fi Alliance WPA-2* compliance enables maximum security and interoperability with most WLAN infrastructures for most notebook computers with built-in Intel Centrino mobile technology without impacting application performance. They prevent cryptographic attacks as defined in FIPS 140-2 and can be used in non-fips environments, such as hot spots and home networks. 5

3.2 Total Cost of Ownership (TCO) FIPS 140-2 validated Intel Centrino mobile technology enables federal government agencies and the U.S. Department of Defense to purchase and deploy notebook computers based on Commercial Off-The-Shelf (COTS) technology. This provides the following key benefits: Government-Level Security: All Intel Centrino -based notebook computers meet government requirements for Wi-Fi security. Lower Acquisition Cost: Intel Centrino standards-based platforms are provided by multiple commercial vendors. Simpler Deployment: Users can connect wirelessly with Intel Centrino platforms without the need for proprietary client software. Standards-Based Interoperability: Intel Centrino mobile technology platforms are Wi-Fi ready; there is no need for vendor or model-specific Wi-Fi drivers. DoD Information Technology Security Certification and Accreditation Process (DITSCAP) establishes a standard DoD-wide process, set of activities, general tasks, and a management structure to certify and accredit Information Systems (IS) that maintain the information Assurance (IA) and security posture of the Defense Information Infrastructure (DII) throughout the life cycle of the system. Systems that include Intel Centrino clients are eligible for DITSCAP certification and for Sensitive But Unclassified (SBU) data communication using Non-Secure Internet Protocol Router Network (NIPERNET). The Intel Centrino mobile technology client is compliant with both DITSCAP and NIPERNET. 4 Why Intel Centrino Mobile Technology Clients? The latest Intel Core 2 Duo Processor coupled with Intel PRO/Wireless Hardware Connection hardware delivers greater performance with enhanced capabilities that include the following capabilities without compromising Wi-Fi security. Voice over Internet Protocol (VoIP) Includes VoIP enhancements to enable more secure VoIP over wireless networks Enhanced Battery Life Intel Intelligent Scanning Technology reduces power by controlling the frequency of scanning for access points and support for Power Save Protocol (PSP) enables five selectable power states, allowing the user to make their own power versus performance choices when in battery mode. Wake on WLAN Allows remote wake up of mobile clients to perform software and security updates Intel Active Management Technology (Intel AMT) Allows IT to discover, heal and protect network computing assets Flexibility Wireless Connectivity Intel PRO/Wireless Network Connection products supports IEEE 802.11a/b/g Robust Throughput Delivers up to 54 Mbps at 5 GHz (IEEE 802.11a) and 2.4 GHz (IEEE 802.11g) Bluetooth Coexistence Reduces interference with Bluetooth* devices using Intel Wireless Coexistence System technology 6

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback