beautypg.com

AvaLAN Wireless AW900FS User Manual

Page 2

background image

High Security Supplement

User’s Manual

PAGE 2

Technical Support (650) 384-0000

www.avalanwireless.com

If you have an AvaLAN radio with FIPS 140-2 Security, this supplement to the User Manual provides
instructions for setting up the encryption. Please disregard the AES Encryption instructions in the regular
manual: This supercedes them. A feature of the level of security provided is that there is no way to
change the encryption method or key through the radio's interface. A separate port must be used.
To program the encryption characteristics of your AvaLAN radio, a PC must be connected to the USB
port on the side of the case:

The PC must have two critical pieces of software installed:
1. A driver that provides a virtual COM port through the USB connection. Such a driver is already

included with Windows XP, Vista or 7 and should automatically be located and loaded when the
USB connection is first made.

2. A Crypto Module Interface utility that can be downloaded from our website, www.avalanwireless.

com. Look for it on the Downloads page under the Support tab. The file is a zip archive containing
an installer for the utility. Unzip and run it to install the utility on your PC.

If you prefer to use a computer with a non-Windows operating system, it is also possible to program
the module with a virtual COM port driver and a generic terminal emulator. Contact AvaLAN Technical
Support for help with this feature.
The person having access to the programming interface is referred to by the FIPS 140-2 Standard as
the Crypto Officer. As the Crypto Officder, part of the responsibility for data security rests with your
choice of a strong login password and encryption key. You should program the encryption modules in
both radios of your wireless link at the same time and on the bench prior to deployment. (This is much
more convenient than climbing a pole with a laptop strapped around your neck.) Make sure you do
not lose the login password and encryption key because they cannot be retrieved from the modules
in any fashion.