6 ipsec over wlan, 2 tips for handling keys – Lancom Systems 3550 User Manual

LANCOM 3550 Wireless

࡯

Chapter 7: Security settings

60

EN

Moreover, this technology makes enables a secured dispatch and a regular
automatic change of WEP keys. In this way IEEE 802.1x improves the protec-
tion efforts of WEP.

In Windows XP the IEEE-802.1x technology is already integrated by default.
For other operating systems 802.1x client software is available.

The drivers for the LANCOM AirLancer wireless cards already feature an inte-
grated 802.1x client.

7.1.6

IPSec over WLAN

By means of IPSec over WLAN a radio network can be optimally secured in
addition to the already introduced securing mechanisms. In order to run IPSec
over WLAN you have to upgrade the base stations of the with the LANCOM
VPN option and the LANCOM Advanced VPN Client, which runs under the
operating systems Windows 98ME, Windows 2000 and Windows XP. For other
operating systems client software from other manufacturers is available. The
drivers for the LANCOM AirLancer wireless adapter are already equipped with
a 802.1x client.

7.2

Tips for handling keys

The security of encryption procedures can be substantially increased the by
paying attention to some important rules for handling keys.

࡯

Keep keys as secret as possible.
Never note a key. Popular, but completely unsuitable are for example:
notebooks, wallets and text files in PCs. Do not share a key unnecessarily.

࡯

Select a random key.
Use randomized keys of character and number sequences. Keys from the
general linguistic usage are insecure.

࡯

Change a key immediately in case of suspicion.
It is time to change the key of the Wireless LAN if an employee with access
to a key leaves your company. The key should also be renewed in case of
smallest suspicion of a leak.

࡯

LEPS prevents the global spread of passphrases.
Activate LEPS to enable the use of individual passphrases.