Keyguard – Brocade Mobility RFS Controller System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

Brocade Mobility RFS Controller System Reference Guide

273

53-1003099-01

6

•

Brocade recommends additional layers of security (beyond WEP) be enabled to minimize the
likelihood of data loss and security breaches. WEP enabled WLANs should be mapped to an
isolated VLAN with firewall policies restricting access to hosts and suspicious network
applications.

•

WEP enabled WLANs should only be permitted access to resources required by legacy devices.

•

If WEP support is needed for WLAN legacy device support, 802.1X EAP authentication should
be also configured in order for the WLAN to provide authentication and dynamic key derivation
and rotation.

Keyguard

Configuring WLAN Security

Keyguard is a form of WEP, and could be all a small business needs for the simple encryption of
wireless data.

KeyGuard is a proprietary encryption method developed by Brocade. KeyGuard is Brocade's
enhancement to WEP encryption, and was developed before the finalization of WPA-TKIP. The
Keyguard encryption implementation is based on the IEEE Wi-Fi standard, 802.11i.

To configure Keyguard encryption on a WLAN:

1. Select Configuration > Wireless > Wireless LAN Policy to display available WLANs.

2. Select the Add button to create an additional WLAN or select Edit to modify the properties of an

WLAN.

3. Select Security.

4. Select the Keyguard check box from within the Select Encryption field.

The screen populates with the parameters required to define a KeyGuard configuration for
the WLAN.