Advanced – SMC Networks Gateway TTTM5800X User Manual

All Rights Reserved. Copyright 2006 Teletronics International, Inc.
2 Choke Cherry Road, Rockville, MD 20850 Tel: 301.309.8500 Fax: 301.309.8851

with minimal degradation in network performance. WPA offers standards-based, Wi-Fi CERTIFIED
security. It assures users that the Wi-Fi CERTIFIED devices they buy will be cross-vendor compatible.
When properly installed, WPA provides a high level of assurance to enterprises, small businesses and
home users that data will remain protected and that only authorized users may access their networks.
For enterprises that have already deployed IEEE 802.1X authentication, WPA offers the advantage of
leveraging existing authentication databases and infrastructure.

•

WPA2

o WPA2 is the second generation of WPA security; providing enterprise and consumer Wi-Fi® users with

a high level of assurance that only authorized users can access their wireless networks. Launched in
September 2004 by the Wi-Fi Alliance, WPA2 is the certified interoperable version of the full IEEE
802.11i specification which was ratified in June 2004. Like WPA, WPA2 supports IEEE 802.1X/EAP
authentication or PSK technology. It also includes a new advanced encryption mechanism using the
Counter-Mode/CBC-MAC Protocol (CCMP) called the Advanced Encryption Standard (AES). AES
satisfies U.S. government security requirements. It has been adopted as an official government
standard by the U.S. Department of Commerce and the National Institute of Standards and
Technology (NIST). Organizations that require the AES encryption available in WPA2 should be aware
that upgrading to it may require new hardware. Section II of this document offers a roadmap for
organizations planning to upgrade to WPA2. Considerations for its deployment are outlined in Section
III.

Cipher Type

•

TKIP

o Temporal Key Integrity Protocol is an upgrade to the WEP known as WEP 1.1 that fixes known

security problems in WEP’s implementation of the RC4 stream cipher. TKIP scrambles the keys using
a hashing algorithm and, by adding an integrity-checking feature, ensures that the keys haven’t been
tampered with.

•

AES

o Advanced Encryption Standard (Rijndael Cypher) is the U.S. government's next-generation

cryptography algorithm, which will replace DES and 3DES. AES works at multiple network layers
simultaneously. Supports 128, 192 and 256 bit keys. AES and 802.11i (WEP version 2) is based on
32bit processing unlink the older standard.

•

TKIP and AES

o If clients support both the TKIP and AES standards then this would be the strongest cipher type to

use. That combines both the TKIP and AES security.

EAP (802.1x)

When WPA enterprise is enabled, the router uses EAP (802.1x) to authenticate clients via a remote RADIUS server.

PSK

PSK stands for Pre-Shared-Key and serves as a password. User may key in an 8 to 63 characters string to set the
password or leave it blank, in which the 802.1x Authentication will be activated. Note that if user key in own password,
make sure to use the same password on client's end.

ADVANCED