background image
Security Policy for the ES520 Fortress Secure Wireless Access Bridge. (Doc. V1.1)
Page 4 of 19
Copyright
© 20076 Fortress Technology, Inc., 4023 Tampa Rd., Suite 2000, Oldsmar, FL 34677
This document can be reproduced and distributed only whole and intact, including this copyright notice.
1.0 Introduction
This security policy defines all security rules under which the Fortress Secure Wireless Access
Bridge ES520 must operate and which it must enforce, including rules from relevant standards
such as FIPS. The Fortress Secure Wireless Access Bridge ES520 must comply with all FIPS
140-2 level 2 requirements.
1.1
Identification
Hardware Module Numbers: ES520
Firmware Version: 2.6.1
The Fortress Secure Wireless Access Bridge ES520, also referred to as the ES520, is a a multi-
chip standalone electronic cryptographic encryption module. The cryptographic boundary of the
module is the ES520 hardware enclosure. This module operates as an electronic encryption
device designed to prevent unauthorized access to data transferred across a wireless network. The
ES520 is designed to prevent unauthorized access to data transferred across a wireless network. It
provides strong encryption (AES 128, 192 and 256 bit keys) and advanced security protocols.
Figure 1: The ES520 Fortress Secure Access Bridge Top Level Configuration
The ES520 encrypts and decrypts traffic transmitted on a network, protecting all clients "behind"
it on a protected network. Only the cryptographic officers can log into the module. The flavors of
Cryptographic Officer are defined as:
· When accessing through the Bridge GUI
o
Administrator
o
Operator
· When accessing through the Command Line Interface (CLI)
o
System Administrator,
The ES520 operates at the datalink, layer of the OSI model. Most of the security protocols are
implemented without human intervention to prevent any chance of human error.
The ES520 requires no special configuration for different network applications. Its security
protocols are implemented without human intervention to prevent any chance of human error;
therefore, the products operate with minimal intervention from the user. It secures communication
within LANs, WANs, and WLANs.
Fortress Secure Wireless
Access Bridge ES520
ES520 Host
Hardware
Fortress Secure Wireless Access
Bridge Firmware 2.6.1