Wireless Access Point
56 Installing the Wireless AP
Security Planning
This section offers some useful guidelines for defining your preferred encryption
and authentication method. For additional information, see “Understanding
Security” on page 225 and the Security section of “Frequently Asked Questions”
on page 520.
Wireless Encryption
Encryption ensures that no user can decipher another user’s data transmitted
over the airwaves. There are three encryption options available to you, including:
WEP-40bit or WEP-128bit
Because WEP is vulnerable to cracks, we recommend that you only use
this for legacy devices that cannot support a stronger encryption type.
Wi-Fi Protected Access (WPA)
This is much more secure than WEP and uses TKIP for encryption.
Wi-Fi Protected Access (WPA2) with AES
This is government-grade encryption — available on most new client
adapters — and uses the AES–CCM encryption mode (Advanced
Encryption Standard–Counter Mode).
Authentication
Authentication ensures users are who they say they are. Users are authenticated
when they attempt to connect to the wireless network and periodically thereafter.
The following authentication methods are available with the Wireless AP:
RADIUS 802.1x
802.1x uses a remote RADIUS server to authenticate large numbers of
clients, and can handle different authentication methods (EAP-TLS, EAP-
TTLS, EAP-PEAP, and EAP-LEAP Passthrough). Administrators may
also be authenticated via RADIUS when preferred, or to meet particular
security standards.
Xirrus Internal RADIUS server
Recommended for smaller numbers of users (about 100 or less). Supports
EAP-PEAP only
To Next Page
Loading...
Need help?
General
