Wireless Access Point
226 Configuring the Wireless AP
Choosing an encryption method: Wireless data encryption prevents
eavesdropping on data being transmitted or received over the airwaves.
The AP allows you to establish the following data encryption
configuration options:
• Open — this option offers no data encryption and is not
recommended, though you might choose this option if clients are
required to use a VPN connection through a secure SSH utility,
like PuTTY.
• Wired Equivalent Privacy (WEP) — this option provides minimal
protection (though much better than using an open network). An
early standard for wireless data encryption and supported by all
Wi-Fi certified equipment, WEP is vulnerable to hacking and is
therefore not recommended for use by Enterprise networks.
• Wi-Fi Protected Access (WPA and WPA2) — these are much
stronger encryption modes than WEP, using Temporal Key
Integrity Protocol (TKIP) or Advanced Encryption Standard
(AES) to encrypt data.
WPA solves security issues with WEP. It also allows you to
establish encryption keys on a per-user basis, with key rotation
for added security. In addition, TKIP provides Message Integrity
Check (MIC) functionality and prevents active attacks on the
wireless network.
AES is the strongest encryption standard and is used by
government agencies; however, legacy hardware may not be
capable of supporting the AES mode (it probably won’t work on
older wireless clients). Because AES is the strongest encryption
standard currently available, WPA2 with AES is highly
recommended for Enterprise networks.
Any of the above encryption methods can be used, and an AP can support
multiple encryption methods simultaneously, but only one method may
be selected per SSID (except that selecting WPA-Both allows WPA and
WPA2 to be used at the same time on the same SSID). Otherwise, if
multiple security methods are needed, you must define multiple SSIDs.
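
The following is an added example, not part of the product documentation or the AP's own configuration syntax: a small Python audit that applies the one-method-per-SSID rule (with the WPA-Both exception) and the recommendations above to an SSID inventory. The function names, the dictionary layout and the sample SSIDs are assumptions made for illustration.

```python
# Added example: audit a constructed SSID inventory against the guidance above.
# Function names, dict layout and sample SSIDs are hypothetical, not AP syntax.
ORDER = ["Open", "WEP", "WPA", "WPA2"]          # weakest to strongest, per the page
WEAK = {"Open": "no data encryption, not recommended",
        "WEP": "minimal protection, not recommended for Enterprise networks"}

def plan_ssids(base, methods):
    """Map required methods to SSIDs: one method per SSID, except that
    WPA and WPA2 together share a single SSID configured as WPA-Both."""
    methods = set(methods)
    unknown = methods - set(ORDER)
    if unknown:
        raise ValueError(f"unknown encryption method(s): {sorted(unknown)}")
    plan = []
    if {"WPA", "WPA2"} <= methods:
        methods -= {"WPA", "WPA2"}
        plan.append((f"{base}-wpa-both", "WPA-Both"))
    for m in sorted(methods, key=ORDER.index, reverse=True):
        plan.append((f"{base}-{m.lower()}", m))
    return plan

def audit_ssids(inventory):
    """Return (ssid, severity, message) findings for each SSID definition."""
    findings = []
    for ssid, cfg in inventory.items():
        methods = set(cfg["methods"])
        if len(methods) > 1 and methods != {"WPA", "WPA2"}:
            split = ", ".join(f"{n}={m}" for n, m in plan_ssids(ssid, methods))
            findings.append((ssid, "error", f"one method per SSID; split into {split}"))
        for m in sorted(methods & set(WEAK), key=ORDER.index):
            findings.append((ssid, "warn", f"{m}: {WEAK[m]}"))
        if methods & {"WPA", "WPA2"} and cfg.get("cipher") != "AES":
            findings.append((ssid, "info", "WPA2 with AES is the recommended setting"))
    return findings

# Constructed sample inventory (not taken from a real AP).
SAMPLE = {
    "corp":    {"methods": ["WPA2"], "cipher": "AES"},
    "legacy":  {"methods": ["WPA", "WPA2"], "cipher": "TKIP"},
    "scanner": {"methods": ["WEP", "WPA2"], "cipher": "AES"},
    "guest":   {"methods": ["Open"]},
}

if __name__ == "__main__":
    for ssid, severity, message in audit_ssids(SAMPLE):
        print(f"{severity:5} {ssid:8} {message}")
```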