Wireless Configuration and Security
32
ProSAFE Dual-Band Wireless AC Access Point WAC720 WAC730
100-foot radius. Such distances can allow for others outside your immediate area to access
your network.
Unlike wired network data, your wireless data transmissions can extend beyond your walls
and can be received by anyone with a compatible adapter. For this reason, use the security
features of your wireless equipment. The wireless access point provides highly effective
security features that are covered in detail in this chapter. Deploy the security features
appropriate to your needs.
Figure 4.
You can enhance the security of your wireless network in several ways:
• Use multiple BSSIDs combined with VLANs.
You can configure combinations of
VLANS and BSSIDs (security profiles) with stronger or less restrictive access security
according to your requirements. For example, visitors could be given wireless Internet
access but be excluded from any access to your internal network. For information about
how to configure BSSIDs, see Configure and Enable Security Profiles on page 35.
• Restrict access based on MAC address. Y
ou can allow only trusted devices to connect
so that unknown devices cannot wirelessly connect to the wireless access point.
Restricting access by MAC address adds an obstacle against unwanted access to your
network, but the data broadcast over the wireless link is fully exposed. For information
about how to restrict access by MAC address, see Restrict Wireless Access by MAC
Address on page 44.
• T
urn off the broadcast of the wireless network name (SSID). If you disable broadcast
of the SSID, only devices with the correct SSID can connect. This nullifies the wireless
network discovery feature of some products, such as Windows XP, but the data is still
exposed. For information about how to turn off broadcast of the SSID, see Configure and
Enable Security Profiles on page 35.
• Legacy 802.1X. Legacy 802.1X uses RADIUS-based 802.1x authentication but no data
encryption. For information about how to configure Legacy 802.1X, see Configure and
Enable Security Profiles on page 35 and Configure Legacy 802.1X on page 39.
• WP
A and WPA-PSK (TKIP). Wi-Fi Protected Access (WPA) data encryption provides
strong data security with Temporal Key Integrity Protocol (TKIP) encryption. The very
strong authentication along with dynamic per-frame rekeying of WPA makes it virtually
impossible to compromise.
To Next Page
Loading...
