Configuration Guide Configuring RSNA
Pre-shared Key (PSK) is an 802.11i authentication mode, which performs authentication with pre-defined static keys. This
authentication approach requires that an STA and an AP be configured with the same pre-shared key. If their keys are the
same, the PSK access authentication succeeds; otherwise, the PSK access authentication fails.
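The following added example (not part of the original guide or the vendor's code) shows how the AP can tell whether both sides hold the same pre-shared key without the key being sent: each side derives the PMK from the passphrase and SSID, derives the key confirmation key (KCK), and the AP checks the MIC the STA computed over its handshake frame. The SSID, MAC addresses, nonces and frame bytes are constructed sample values, and the frame is a stand-in rather than a real EAPOL-Key layout.

```python
import hashlib
import hmac

# Constructed sample values (assumptions for this example only).
SSID = "example-wlan"
AP_MAC = bytes.fromhex("020000000001")
STA_MAC = bytes.fromhex("020000000002")
ANONCE = bytes(range(32))        # real nonces are random per handshake
SNONCE = bytes(range(32, 64))
FRAME = b"constructed stand-in for EAPOL-Key message 2, MIC field zeroed"

def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """Passphrase-to-PSK mapping: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds, 256 bits."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """802.11i PRF: concatenated HMAC-SHA1(key, label || 0x00 || data || counter)."""
    out, counter = b"", 0
    while len(out) < nbytes:
        msg = label + b"\x00" + data + bytes([counter])
        out += hmac.new(key, msg, hashlib.sha1).digest()
        counter += 1
    return out[:nbytes]

def derive_kck(pmk: bytes) -> bytes:
    """Derive the 384-bit CCMP PTK and return its first 128 bits (the KCK)."""
    data = (min(AP_MAC, STA_MAC) + max(AP_MAC, STA_MAC)
            + min(ANONCE, SNONCE) + max(ANONCE, SNONCE))
    return prf(pmk, b"Pairwise key expansion", data, 48)[:16]

def eapol_mic(kck: bytes, frame: bytes) -> bytes:
    """HMAC-SHA1 truncated to 128 bits, the MIC used with AES-CCMP."""
    return hmac.new(kck, frame, hashlib.sha1).digest()[:16]

def psk_auth(ap_passphrase: str, sta_passphrase: str) -> bool:
    """Simulate both sides: the STA sends a MIC, the AP verifies it with its own key."""
    sta_mic = eapol_mic(derive_kck(derive_pmk(sta_passphrase, SSID)), FRAME)
    ap_mic = eapol_mic(derive_kck(derive_pmk(ap_passphrase, SSID)), FRAME)
    return hmac.compare_digest(ap_mic, sta_mic)   # constant-time comparison

if __name__ == "__main__":
    print("same key:", psk_auth("correct horse battery", "correct horse battery"))
    print("different key:", psk_auth("correct horse battery", "wrong passphrase"))
```

Because the PMK depends only on the passphrase and the SSID, the strength of PSK authentication rests on the passphrase itself.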
802.1X Access Authentication
802.1X is a port-based network access control protocol. This authentication approach is used to authenticate and control the
STAs at the port level. STAs connected to the ports can access resources in a WLAN if they pass the authentication;
otherwise, the STAs cannot access resources in the WLAN.
A WLAN system with the 802.1X authentication function must provide the following elements to implement port-based
authentication and authorization:
Authentication client
The authentication client is generally installed on the STA. When the user wants to access the network, the user starts the
client program and enters the user name and password. The client program then sends a connection request.
Authenticator
An authenticator is an AP or a communication device functioning as an AP. It is responsible for uploading and pushing
user authentication information, and it enables or disables a port based on the authentication result.
Authentication server
The authentication server checks whether a user has the right to use the services provided by the network system based on
the user's identification information (user name and password), and enables or disables a port to the authentication system
based on the authentication result.
MAB authentication uses a MAC address as the user name to initiate a request to the authentication server. Therefore, the
terminal does not need to have the client installed.
1.3.3 Wireless Data Encryption
Compared with a wired network, a wireless network is exposed to greater security risks. Within an area, all WLAN devices
share the same transmission medium, and any device can receive data from all the other devices. This characteristic poses a
threat to WLAN data.
The IEEE 802.11i protocol defines the following encryption algorithms:
WEP encryption
TKIP encryption
AES encryption
Working Principle
WEP Encryption
Wired Equivalent Privacy (WEP) is a data encryption mode specified in the original IEEE 802.11 standard, and is the basis
for WLAN security authentication and encryption. WEP is used to protect the privacy of data exchanged between
authorized users in a WLAN and to prevent the data from being stolen.