NETGEAR WPN111 user manual WPA Wireless Security

Page 59

User Manual for the NETGEAR RangeMax™ Wireless USB 2.0 Adapter WPN111

7.If the authentication server accepts the client, then the access point will transition the client's port to an authorized state and forward additional traffic.

Initial 802.1x communications begin with an unauthenticated supplicant (i.e., client device) attempting to connect with an authenticator (i.e., 802.11 access point). The access point responds by enabling a port for passing only EAP packets from the client to an authentication server located on the wired side of the access point. The access point blocks all other traffic, such as HTTP, DHCP, and POP3 packets, until the access point can verify the client's identity using an authentication server (e.g., RADIUS). Once authenticated, the access point opens the client's port for other types of traffic.

The basic 802.1x protocol provides effective authentication and can offering dynamic key management using 802.1x as a delivery mechanism. If configured to implement dynamic key exchange, the 802.1x authentication server can return session keys to the access point along with the accept message. The access point uses the session keys to build, sign and encrypt an EAP key message that is sent to the client immediately after sending the success message. The client can then use contents of the key message to define applicable encryption keys. In typical 802.1x implementations, the client can automatically change encryption keys as often as necessary to minimize the possibility of eavesdroppers having enough time to crack the key in current use.

It's important to note that 802.1x doesn't provide the actual authentication mechanisms. When using 802.1x, you need to choose an EAP type, such as Transport Layer Security (EAP-TLS) or Protected EAP (PEAP), which defines how the authentication takes place.

The important part to know at this point is that the software supporting the specific EAP type resides on the authentication server and within the operating system or application software on the client devices. The wireless access point acts as a “pass through” for 802.1x messages. As a result, you can update the EAP authentication type as newer types become available and your requirements for security change.

802.1x is well on its way to becoming an industry standard, and provides an effective wired and wireless LAN security solution. Windows XP implements 802.1x natively, and the NETGEAR RangeMax™ Wireless USB 2.0 Adapter WPN111 supports 802.1x. The 802.11i committee is specifying the use of 802.1x to eventually become part of the 802.11 standard.

WPA Wireless Security

Wi-Fi Protected Access (WPA) is a specification of standards-based, interoperable security enhancements that increase the level of data protection and access control for existing and future wireless LAN systems.

W ire le ss N e tworkin g B a sics

B -1 3

202-10076-01

Page 58 Page 60
Image 59
Page 58 Page 60
Contents NETGEAR, I n c Technical Support FCC Information to User Ta n d a rd s Teste d to C om p lyContents Troubleshooting Index Viii Audience, Scope, Conventions Chapter About This ManualHow to Print this Manual About the WPN111 Key FeaturesChapter Introduction What’s in the Box? Road Map for ‘How to Get There From Here’To le a rn a b ou t wire le ss On n e ct to a E n tify th e Wire le ss n e tworkWire le ss Wire le ss n etworkRowse r su ch a s Ctiva te m yVe rify m y n e twork Ca b le or D S L se rvice Twork Con n e ction Rovid e rs For you r ve rsion of W in d owsIgh b orh ood Wire le ss a n dTwork Con n e ct to th e wire le ss Wire d n etwork E P C I a m u sin g toD P rin t S h a rin g Wire le ss a n d Com p u te r su p p ort grou p sCom b in e d Twork n e e d s to b eVerifying System Requirements Chapter Basic SetupWhat You Need Before You Begin Observing Location and Range Guidelines Two Basic Operating ModesBasic Installation Instructions WPN111 Default Wireless Configuration SettingsSta llS h ie ld W iza rd For Windows XP Users Installing a WPN111Click Install Driver and Utility With a W in d ows X P L ogo te stin g V1 typ eOrt, you Is 1 4 M b p s wh e re a s th eSte p s, click th e H e lp b u tton in th e W P N 1 1 Th e se202-10076-01 N 1 1 1 R e sou rce C D Sta llS h ie ld W iza rd For Windows 2000 Users Installing a WPN111Ort is 4 8 0 M b p s N 1 1 1 S yste m Tra y I con Ou n d N e w H a rd wa re W iza rdSp e e d is 1 Tility Or re se t WPN111 Wireless Connection IndicatorsInterpreting the LED on the WPN111 Interpreting System Tray Icon Colors Using Configuration Profiles Chapter ConfigurationUnderstanding the Configuration Options Run the WPN111 Configuration Utility Connecting to an Access Point in Infrastructure ModeHow to Configure an Infrastructure Mode Profile Save your settings in a Profile Configure the wireless Network settingsVerify wireless connectivity to your network Connecting to Another PC in Ad-hoc ModeHow to Configure an Ad-hoc Mode Profile Windows Run program dialog box Configure the PC network settingsPing test results How to Start a Computer-to-Computer Ad-Hoc NetworkEnabling Wireless Security Features Configure the Security settings How to Configure WEP Encryption SecurityHow to Configure WPA-PSK Encryption Security Advanced Security StatisticsAdvanced Settings Advanced Settings202-10076-01 Basic Tips Chapter TroubleshootingGeneral Questions Frequently Asked QuestionsNew Hardware Wizard appears after installation has completed Rou b le s h ootin g Appendix a Technical Specifications Ch n ica l S p e cifica tion s Infrastructure Mode Appendix B Wireless Networking BasicsWireless Networking Overview Wireless Channels Ad Hoc Mode Peer-to-Peer WorkgroupNetwork Name Extended Service Set Identification Essid 802.11b/g Wireless Channels W for E u rop e Re qu e n cy G H z 5 5 2 5 5 2For U S For C a n a d aWPN111 user can use thirteen channels in non-turbomode 160 Wireless Security Overview152 Cisco Leap WEP AuthenticationWEP Overview 802.1xAuthentication Open System Steps Bit WEP WEP KeysWEP Key Configuration How to Use WEP Parameters802.1x Port Based Network Access Control Figure B-4 802.1x authentication WPA Wireless Security How Does WPA Compare to WEP? How Does WPA Compare to Ieee 802.11i? What are the Key Features of WPA Security?Figure B-5 WPA Overview Figure B-6 WPA/802.1x Authentication Sequence 202-10076-01 Michael WPA Data Encryption Key ManagementTemporal Key Integrity Protocol Tkip AES Support Is WPA Perfect?Product Support for WPA Wireless network adapters Wireless client programs 202-10076-01 Preparing Your Computers for TCP/IP Networking Appendix C Preparing Your PCs for Network AccessConfiguring Windows 98 and Me for TCP/IP Networking Install or Verify Windows Networking ComponentsRe p a rin g Y ou r P C s for N e twork a cce ss Locate your Network Neighborhood icon Choose Settings, and then Control PanelEnabling Dhcp in Windows 98 and Me Primary Network Logon is set to Windows logon Verifying TCP/IP Properties Selecting Windows’ Internet Access MethodConfiguring Windows 2000 or XP for TCP/IP Networking Dhcp Configuration of TCP/IP in Windows XP Dhcp Configuration of TCP/IP in Windows XP orTCP/IP details are presented on Support tab Verify that Obtain an IP address Dhcp Configuration of TCP/IP in WindowsObtain an IP address automatically is selected Verifying TCP/IP Properties for Windows XP or 202-10076-01 Glossary DSL Internet service provider Ssid Wins 202-10076-01 Numerics Index
Related manuals
Manual 87 pages 60.77 Kb
Top Page Image Contents