Everything Instant On

Expand all | Collapse all

Security of updates

  • 1.  Security of updates

    Posted 10-17-2020 02:58 AM

    Is there anyway to reload the software on the APs

    is it possible to do a mitm attack on the software and therefore rogue software gets loaded onto the AP?. Like if someone is on your network and doing mitm on your router injecting code into the software on the AP?. Are updates signed with certificate pinning etc? 



  • 2.  RE: Security of updates

    Posted 10-18-2020 07:04 AM

    TRUSTED PLATFORM MODULE (TPM
    All Aruba Instant On access points have an installed
    TPM for secure storage of credentials, keys, and boot
    codes. source



  • 3.  RE: Security of updates

    Posted 10-20-2020 02:42 PM

    How does a TPM protect from rogue software getting loaded on an AP or if the AP gets exploited?  Can we reload the firmware at all?



  • 4.  RE: Security of updates

    Posted 10-20-2020 03:05 PM

    Yes, it does protect. If somebody tries to inject rogue firmware it just fails to load en returns to previous safe version.

    No you can't manually reload firmware, it's all done trough AWS cloud. Read more at https://www.arubainstanton.com/techdocs/en/content/maintenance/mobile/firm-upgrd.htm?Highlight=update#



  • 5.  RE: Security of updates

    Posted 10-22-2020 01:17 PM

     Am I please get an employee to chime in on this

    1. if your router is hijacked and performing a mitm attack, what protection is in place that rogue software doesn't get injected when an update happens

     

    2. a rogue person on the network, can they exploit the AP



  • 6.  RE: Security of updates

    Posted 10-26-2020 02:13 PM

    @JohnJ The software has specific signatures and has no possibility to load rogue software, and even if they did try it would fail due to unrecognized signatures. There is no interface to get into the AP in a live network, the AP connects and exchanges information with our secure cloud. We also conduct regular audits to detect and correct any issues that may arise.



  • 7.  RE: Security of updates

    Posted 10-26-2020 02:49 PM

    Hello

    does the AP not have a web interface that displays some information?

    does the AP11 also have a tpm to help with the above ?

    no way to perform a MITM attack, or a local attack to the AP?

    Clients concern is loading spyware/malware/virus to the AP



  • 8.  RE: Security of updates

    Posted 12 days ago
    I Too would like to know this.

    How safe are the access points from tampering, with either software / hardware ?

    ------------------------------
    Brad SS
    ------------------------------