2 developments in wlan security – Lancom Systems LCOS 3.50 User Manual

̈

Chapter 11: Wireless LAN – WLAN

LANCOM Reference Manual LCOS 3.50

213

Wi

re

le

ss

L

A

N

–

WL

A

N

In some applications, however, it may be desirable to divide the clients the
radio cell into different groups, each of which is treated in a certain way by
the access point. It may be necessary, for example, to operate a public wireless
network without any encryption simultaneous to a protected, WPA- or WEP-
encrypted wireless network that excludes unauthorised parties.

The Multi-SSID function of the LANCOM access points is ideally suited to sce-
narios like this. This function enables a physical WLAN interface of an access
point to be assigned with more than one SSID. Up to eight different logical
radio cells—each with its own SSID—can be supported by a single WLAN
interface.

11.2 Developments in WLAN security

The WLAN standards WPA and 802.11i are currently redeeming the reputation
of WLAN security, an issue which has recently been under attack. The
processes incorporated into the original standard proved insufficient in
practice. This lack led on the one hand to a series of proprietary extensions of
the standard, like "CKIP" from Cisco, or "KeyGuard" from Symbol
Technologies, and on the other hand to solutions which offered the required
security on higher protocol layers with tools like PPTP or IPSec. All these
processes are quite functional, but they introduce limitations, for instance
those relative to interoperability or data transmission rates.

In the recently released standard 802.11i, the IEEE Committee has redefined
the topic "WLAN and security" from the ground up. The result is a set of
standardised methods that enable the construction of secure and
manufacturer-independent WLANs in line with current standards.

LAN

SSID='PUBLIC'

SSID='PUBLIC'

SSID='CLOSED'