Aruba MOVE Architecture Eases Government Smartphone and Tablet Adoption with Support for Suite B Cryptography over Mobile Networks
Aruba also announces Virtual Intranet Access (VIA) client with Suite B support for Google Android and Windows 7 devices to enable end-to-end policy compliant security for government mobile devices
Sunnyvale, CA – July 25, 2011 – Aruba Networks, Inc. (NASDAQ: ARUN) today announced significant expansion of its secure mobility offerings by introducing Suite B cryptography on the Aruba Mobility Controller for use in classified government and high-security enterprise networks.
The combination of Suite B cryptography and the Mobile Device Access Control (MDAC) capabilities of the Aruba Mobile Virtual Enterprise (MOVE) architecture enables fast, simple and secure provisioning of mobile devices including smartphones and tablets on secret-level classified government and high-security enterprise networks. The company also announced the availability of its Virtual Intranet Access (VIA) client with Suite B support for use with Google Android and Windows 7 devices, to facilitate policy-compliant mobile device support in government and other installations.
Developed in cooperation with the U.S. National Security Agency (NSA), Suite B is a set of publicly-available, standards-based algorithms that serve as the cryptographic foundation to secure both unclassified information and most classified information. As such, the NSA has authorized the use of Suite B to bring secure mobility to commercially available smartphones, tablets and other smart devices to facilitate the sharing of sensitive/classified information among disparate agencies.
“Government agencies see the same benefits in tablet and smartphone use that private enterprises do,” said Patrick Guerin, Chief Technology Officer, Key Management Systems, Inc. “However, they need a solution that combines commercial technology with stronger underlying cryptographic algorithms. Today’s existing solutions for classified networking are expensive, hard to use, suffer from slow performance and are operationally limited by current EKMS-based cryptographic policies and technologies. Aruba’s Suite B implementation addresses these issues by offering an easily-deployed solution that has the low price and high performance characteristics of a commercial solution. The underlying computation methods are also much more efficient, making them ideal for high-performance applications such as voice and video.”
Government agencies are under the same pressure as the private sector to allow the use of smartphones, tablets and other “commercial” devices on their networks, and while the benefits are equally clear, the security capabilities required of government networks are much more stringent than those of their general enterprise counterparts. Aruba was the first and is still the only mobile access networking vendor whose wireless portfolio is certified to meet Suite B criteria. Because the Aruba solution is based on commercially available cryptography technology, it is available not only to U.S. government agencies but to defense, government and other high-security organizations worldwide.
Suite B is supported in all currently shipping Aruba mobility controller hardware, which includes Aruba 6000 series, M3-Mk1, 3000 series and the 600 series mobility controllers. Aruba controller hardware, ArubaOS, and the VIA client will be appropriately validated through the U.S. National Institute of Standards and Technology and other agencies for certification for deployment as part of a classified access network architecture.
The Aruba VIA client, previously available from Aruba for commercial use, will now also support Suite B. The VIA client detects whether the client device is connected to a trusted or untrusted network, and then uses a combination of authentication and encryption to create a secure tunnel connection to its mobility controller. It can operate in 802.11i WLAN Client Supplicant mode, Ethernet LAN IPSEC mode or Remote Access IPSEC mode.
The following protocols and methods for Suite B are supported in ArubaOS 6.1:
- AES-128-CBC, AES-128-CCMP legacy modes
- AES-256-GCM for Suite B symmetric cryptography
- Elliptical Curve Diffie-Helman (ECDH) for key exchange
- SHA-256 / SHA-384 Secure Hash
- WLAN Mode: 802.11i + Suite B using EAP-TLS
- VPN Mode: IPSEC + Suite B using IKEv1 or IKEv2
“Military, intelligence and many civilian agencies have transitioned to network-centric applications that reside on classified networks and run well on mobile devices,” said Dave Logan, vice president of government solutions for Aruba. “As traffic has grown and as mobility has increased, these classified networks have experienced a dramatic increase in importance and usage. By focusing on commercial solutions to provide classified network access, these organizations are able to maintain high performance, lower acquisition and operations costs and reap the benefits of a more rapid cycle of feature and product innovation.”
About Aruba Networks, Inc.
Aruba Networks is a leading provider of next-generation network access solutions for the mobile enterprise. The company’s Mobile Virtual Enterprise (MOVE) architecture unifies wired and wireless network infrastructures into one seamless access solution for corporate headquarters, mobile business professionals, remote workers and guests. This unified approach to access networks dramatically improves productivity and lowers capital and operational costs.
Listed on the NASDAQ and Russell 2000® Index, Aruba is based in Sunnyvale, California, and has operations throughout the Americas, Europe, Middle East, and Asia Pacific regions. To learn more, visit Aruba at www.arubanetworks.com. For news and real-time updates, please visit one of Aruba’s community sites.
© 2011 Aruba Networks, Inc. Aruba Networks’ trademarks include the design mark for AirWave, Aruba Networks®, Aruba Wireless Networks®, the registered Aruba the Mobile Edge Company logo, the registered AirWave logo, Aruba Mobility Management System®, Mobile Edge Architecture®, People Move. Networks Must Follow®, RFProtect®, Green Island®. All rights reserved. All other trademarks are the property of their respective owners.
Aruba Networks, Inc.
LSH Communications for Aruba Networks