5 when to use wpa enterprise, See also, Recommendations – Psion Teklogix 9160 G2 User Manual

Page 118: Table 10.4 wpa enterprise security mode

Advertising
background image

Chapter 10: Configuring Security
Comparison Of Security Modes For Key Management, Authentication And Encryption Algorithms

96

Psion Teklogix 9160 G2 Wireless Gateway User Manual

We recommend that you use WPA Enterprise mode instead, unless you have
interoperability issues that prevent you from using this mode.

For example, some devices on your network may not support WPA or WPA2 with
EAP talking to a RADIUS server. Embedded printer servers or other small client
devices with very limited space for implementation may not support RADIUS. For
such cases, we recommend that you use WPA Personal.

See Also

For information on how to configure this security mode, see “WPA Personal” on
page 109.

10.1.2.5

When To Use WPA Enterprise

Wi-Fi Protected Access Enterprise with Remote Authentication Dial-In User
Service (RADIUS) is an implementation of the Wi-Fi Alliance IEEE 802.11h stan-
dard, which includes Advanced Encryption Standard (AES), Counter mode/CBC-
MAC Protocol (CCMP), and Temporal Key Integrity Protocol (TKIP) mechanisms.
This mode requires the use of a RADIUS server to authenticate users. WPA Enter-
prise provides the best security available for wireless networks.

This security mode also provides backwards-compatibility for wireless clients that
support only the original WPA.

Recommendations

WPA Enterprise mode is the recommended mode. The CCMP (AES) and TKIP
encryption algorithms used with WPA modes are far superior to the RC4 algorithm
used for Static WEP or IEEE 802.1x modes. Therefore, CCMP (AES) or TKIP

Key Management

Encryption Algorithms

User Authentication

WPA Enterprise mode pro-
vides dynamically-gener-
ated keys that are
periodically refreshed.

There are different Uni-
cast keys for each station.

• Temporal Key Integrity Protocol

(TKIP).

• Counter mode/CBC-MAC Proto-

col (CCMP) Advanced Encryp-
tion Standard (AES).

Remote Authentication Dial-In User Service
(RADIUS)

You have a choice of using the 9160 G2 Wire-
less Gateway embedded RADIUS server or
an external RADIUS server. The embedded
RADIUS server supports Protected EAP
(PEAP) and MSCHAP V2.

Table 10.4 WPA Enterprise Security Mode

Advertising
Popular Brands
Popular manuals