USRobotics Instant802 APSDK User Manual

Page 102

Advertising
background image

Professional Access Point

Administrator Guide

Security - 102

Wi-Fi Protected Access (

WPA

) with Remote Authentication Dial-In User Service (

RADIUS

) using the

CCMP (AES) encryption algorithm provides the best data protection available and is clearly the best
choice if all client devices are equipped with WPA supplicants. However, backward compatibility or
interoperability issues with clients or even with other access points may require that you configure WPA
with RADIUS with a different encryption algorithm or choose one of the other security modes.

However, security may not be as much of a priority on some types of networks. If you are simply providing
internet and printer access,

None

may be the appropriate choice. To prevent clients from accidentally

discovering and connecting to your network, you can disable the broadcast SSID so that your network
name is not advertised. If the network is sufficiently isolated from access to sensitive information, this may
offer enough protection in some situations.

Following is a brief discussion of the factors that make one mode more secure than another, a description
of each mode offered, and when to use each mode.

Comparison of Security Modes for Key Management, Authentication and Encryption

Algorithms

The major factors that determine the effectiveness of a security protocol are:

How the protocol manages keys

Presence or absence of integrated user authentication in the protocol

Encryption algorithm or formula the protocol uses to encode and decode the data

Following is a list of the security modes available on the Professional Access Point along with a description
of the key management, authentication, and encryption algorithms used in each mode. Each discussion
includes suggestions as to when one mode might be more appropriate than another.

When to Use No Security

When to Use Static WEP

When to Use IEEE 802.1x

When to Use WPA/WPA2 Personal (PSK)

When to Use WPA/WPA2 Enterprise (RADIUS)

When to Use No Security

None

is a security mode option. In this mode, the data is not encrypted. Instead, the data is sent as plain

text across the network. No key management, data encryption, or user authentication is used.

R

ECOMMENDATIONS

None

is not recommended for regular use on the Internal network because the Internal network should

have some level of security. Use

None

on the Internal network for initial setup, testing, or problem solving

only.

Advertising
Popular Brands
Popular manuals