Harris RF Communications Division RF-7800W-G2 User Manual

H A R R I S C O R P O R A T I O N | Communication Systems FCC ID: AQZ-RF-7800W-G2

1 of 4

U-NII Device Security

for

RF-7800W-OUxxx

Broadband Ethernet Radio

Harris Corporation

Communication Systems Division

1680 University Avenue

Rochester, NY 14610

USA

THIS INFORMATION IS EAR CONTROLLED

THIS INFORMATION IS CONTROLLED BY THE U.S.

DEPARTMENT OF COMMERCE EXPORT

ADMINISTRATION REGULATIONS 15 CFR 730-774, ECCN

EAR99. EXPORT OR DISCLOSURE TO FOREIGN

PERSONS MAY VIOLATE U.S. FEDERAL REGULATIONS

H A R R I S C O R P O R A T I O N | Communication Systems FCC ID: AQZ-RF-7800W-G2

2 of 4

General Description

1. Describe how any software/firmware
updates for elements than can affect the

device’s RF parameters will be obtained,

downloaded, validated and installed. For
software that is accessed through

manufacturer’s website or device’s

management system, describe the
different levels of security as appropriate.

Firmware updates will be obtained from the manufacturer’s support website by

the professional installer. The professional installer will install firmware
updates. An RSA digital signature is verified after the firmware has been
transferred to the radio but before it has been saved to non-volatile memory.
Only if the digital signature is valid is the firmware stored to non-volatile
memory.

The support website is protected by HTTPS
(TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS 1.2). Access to
the support website is using a username and password. User accounts for
the support website are granted only after a customer has been vetted by the
manufacturer's security department.

2. Describe the RF parameters that are
modified by any software/firmware
without any hardware changes. Are these
parameters in some way limited such that
any other software/firmware changes will
not allow the device to exceed the
authorized RF characteristics?

Center Frequency, Channel Width, Transmit Power, and Dynamic Frequency
Selection can be modified in firmware without hardware changes. The radio
includes a per unit unique, factory loaded firmware option key which dictates
the operational frequency band. The radio firmware does not allow the
operational channel to exceed the authorized frequency band limits (high/low
frequency).

Configuration parameters can only be modified by the professional installer.

3. Describe in detail the authentication
protocols that are in place to ensure that
the source of the RF-related
software/firmware is valid. Describe in
detail how the RF-related software is
protected against modification.

An RSA digital signature is verified after the firmware has been transferred to
the unit but before it has been saved to non-volatile memory. Only if the digital
signature is valid is the firmware stored to non-volatile memory.

The radio checks the integrity of the firmware using a 16-bit error detection
code (EDC). A CRC-16 is used to verify that the image has not been modified.
At power-up the module computes a new digest and compares it to a pre­computed digest value. If the values are the same the test passes.
Otherwise, the test fails.

4. Describe in detail any encryption
methods used to support the use of
legitimate RF-related software/firmware.

Wireless: AES-128 and AES-256
HTTPS: SSLv2*, SSLv3* and TLS 1.0; RC2*, RC4*, DES*, 3DES, AES
SSHv2: 3DES, AES
SNMPv3: DES*, AES

Secure, encrypted file transfer of the firmware is available via HTTPS or SFTP
* Disallowed in FIPS 140-2 compatible mode

5. For a device that can be configured as
a master and client (with active or
passive scanning), explain how the
device ensures compliance for each
mode? In particular if the device acts as
master in some band of operation and
client in another; how is compliance
ensured in each band of operation?

Both master and client modes may be used regardless of the band of
operation.

The radio includes a per unit unique, factory loaded firmware option key which
dictates the operational frequency band. The radio firmware does not allow
the operational channel to exceed the authorized frequency band limits
(high/low frequency).