Apple AirPort Networks manual Keeping Your Network Secure, Using Wi-Fi Protected Access

Page 45

Keeping Your Network Secure

Your network is protected by the password you assign to it. However, you can take additional steps to help keep your network secure.

Networks managed by Simple Network Management Protocol (SNMP) may be vulnerable to denial-of-service attacks. Similarly, if you configure your wireless device over the WAN port, it may be possible for unauthorized users to change network settings. When remote configuration is enabled, the device’s Bonjour information (the device name and IP address) is published over the WAN port. Turning off remote configuration may provide additional security.

To help protect your network and wireless device:

1Open AirPort Utility, select your device, and choose Base Station > Manual Setup, or double-click the device icon to open its configuration in a separate window. Enter the password if necessary.

2Click the Advanced button, and then click Logging & SNMP.

3Make sure the Allow SNMP Access and “Allow SNMP over WAN” checkboxes are not selected.

Using Wi-Fi Protected Access

AirPort Extreme supports WPA and WPA2 security standard for wireless networks. Using Mac OS X v10.3 or later or Windows XP with Service Pack 2, and 802.1X authentication capabilities, WPA security delivers more sophisticated data encryption than WEP, and also provides user authentication, which was virtually unavailable with WEP. If your computer has an AirPort Extreme wireless card installed, you can take advantage of the security updates in WPA2, including AES-CCMP encryption.

AirPort Extreme supports two modes of WPA and WPA2: Enterprise mode, which uses an authentication server for user authentication, and Personal mode, which relies on the capabilities of TKIP for WPA and AES-CCMP for WPA2, without requiring an authentication server.

Enterprise mode is designed for a larger network in which an IT professional is most likely setting up and managing the network. In order to set up a WPA or WPA2 Enterprise network, an 802.1X connection must be set up first in Network preferences on a Mac. To set up an 802.1x connection on a Windows computer, see the documentation that came with your computer. The 802.1X connection requires an authentication protocol, like TTLS, LEAP, or PEAP.

Setting up a WPA or WPA2 Enterprise network requires setting up an authentication server, such as a RADIUS server, to manage and validate network users’ credentials, such as user names, passwords, and user certificates. See the documentation that came with the server to set it up.

Chapter 3 AirPort Network Designs

45

Page 44 Page 46
Image 45
Page 44 Page 46
Contents Apple AirPort Networks Contents Getting Started Getting Started Getting Started Printing with an Apple Wireless Device Extending the Range of Your AirPort NetworkSharing Your Computer’s Internet Connection Getting Started To start Internet sharing on a computer using Windows Security for AirPort Networks at Home NAT FirewallClosed Network Transmitter Power Control Password Protection and EncryptionMAC Address Access Control Security for AirPort Networks in Businesses and ClassroomsRadius Support Wi-Fi Protected Access WPA and WPA2WPA and WPA2 Personal WPA and WPA2 Enterprise Setting Up the AirPort Extreme Network Configuring and Sharing Internet AccessSetting Advanced Options Using AirPort Utility Setting AirPort preferencesTo set AirPort preferences If you don’t see your wireless device in the list To set up your wireless device manuallyIf you can’t open the wireless device settings Setting Up the AirPort Extreme NetworkAirPort Network Designs Change the Device Password Wireless Device SettingsGive the Device a Name Other InformationSetting the Wireless Mode Wireless Network SettingsSet Device Options Naming the AirPort Extreme NetworkChoosing the Radio Mode Password-protect Your NetworkChanging the Channel Setting Wireless Options Use the Wireless Options pane to set the following Setting Additional Wireless OptionsConfiguring and Sharing Internet Access Setting up a Guest NetworkYou’re Using a DSL or Cable Modem What It Looks Like How It WorksWhat You Need for a DSL or Cable Modem Connection What to Do AirPort Network Designs AirPort Network Designs AirPort Network Designs AirPort Network Designs Setting Dhcp and NAT Options AirPort Network Designs Setting Dhcp Only Options Setting Up Client ComputersTo configure TCP/IP on client computers using Mac OS X Next, choose Dhcp from the Configure IPv4 pop-up menu To configure TCP/IP on client computers To configure TCP/IP on client computers using WindowsAirPort Network Designs What You Need for an Ethernet Connection You’re Using an Existing Ethernet NetworkWhat to Do AirPort Network Designs AirPort Extreme Ethernet WAN port Time Capsule Setting Advanced Options To set up roaming Setting Up RoamingTo extend the range of an 802.11n network Extending the Range of an 802.11n NetworkTo shorten the range of your AirPort network Controlling the Range of Your AirPort NetworkTo help protect your network and wireless device Using Wi-Fi Protected AccessKeeping Your Network Secure To set up a WPA or WPA2 Personal network To set up a WPA or WPA2 Enterprise networkTo set up the access control list Setting Up Access ControlTo set up authentication using a Radius server Using a Radius ServerAirPort Network Designs To set up inbound port mapping To set up a default host To set up loggingLogging Using Back to My Mac on your Wireless Network To set up Back to My Mac on your wireless deviceTo set the time automatically To adjust IPv6 firewall settings Setting up IPv6Customizing the IPv6 firewall To manually set IPv6 optionsTo share a hard disk on your network Sharing and Securing USB Hard Disks on Your NetworkUsing a Time Capsule in Your Network Connecting a USB Printer to an Apple Wireless DeviceTo use a printer on your network Adding a Wireless Client to Your 802.11n Network To allow client access to your networkTo change the name of your USB printer Solving Problems On a computer using Mac OSOn a computer using Windows More Information About AirPort AirPort Utility HelpWorld Wide Web Packets and Traffic How Information Reaches Its DestinationHardware Addresses IP AddressesUsing the AirPort Extreme Base Station Rules for Sending Information ProtocolsBase Station Interfaces Using the AirPort Express Using the Time CapsuleTime Capsule Interfaces AirPort Express InterfacesApple Wireless Device Functions Items That Can Cause Interference with AirPort Glossary Glossary Glossary Glossary Glossary Glossary Glossary Glossary
Top Page Image Contents