NETGEAR WG511U user manual 802.1x Port Based Network Access Control

Page 63

User’s Manual for the NETGEAR Double 108 Mbps Wireless PC Card 32-bit CardBus WG511U

Note: Some 802.11 access points also support Use WEP for Authentication Only (Shared Key Authentication without data encryption). However, the WG511U does not offer this option.

802.1x Port Based Network Access Control

Securing any kind of network involves allowing authorized parties to access traffic and networked resources (e.g., servers, hosts) while blocking outsiders. One essential ingredient in this recipe: permitting or denying physical attachment to the underlying communications medium.

In Ethernet LANs, this has long been accomplished by disabling unused RJ-45 jacks and controlling access to Ethernet switch ports according to the Media Access Control (MAC) addresses of the attached device. Early wireless LANs followed suit by using access control lists (ACLs) to permit associations by known MAC addresses while rejecting all others. MAC ACLs are quite easy to understand and configure. However, ACLs become difficult to manage in large dynamic networks and are easily circumvented by network interface cards (NICs) with programmable addresses.

The LAN Port Access Control framework defined by the IEEE 802.1X standard addresses these needs.

With 802.11 WEP, all wireless access points and client wireless adapters on a particular wireless LAN must use the same encryption key. Each sending station encrypts data with a WEP key before transmission, and the receiving station decrypts it using an identical key. This process reduces the risk of someone passively monitoring the transmission and gaining access to the data transmitted over the wireless connections.

However, a major problem with the 802.11 wireless standard is that the keys are cumbersome to change. If you don't update the WEP keys often, an unauthorized person with a sniffing tool can monitor your network for less than a day and decode the encrypted messages. In order to use different keys, you must manually configure each access point and wireless adapter with new keys.

Products based on the 802.11 standard alone offer system administrators no effective method to update the keys. This might not be too much of concern with a few users, but the job of renewing keys on larger networks can be a monumental task. As a result, companies either don't use WEP at all or maintain the same keys for weeks, months, and even years. Both cases significantly heighten the wireless LAN's vulnerability to eavesdroppers.

Wireless Networking Basics

B-11

August 2004

Page 62 Page 64
Image 63
Page 62 Page 64
Contents August Technical Support FCC Information to User Export Restrictions Contents Chapter Wireless Security Configuration Glossary Contents Audience, Conventions, Publication Date Chapter About This ManualHtml version of this manual How to Navigate this ManualHow to Print this Manual About This Manual Chapter Introduction Key Features and Related Netgear ProductsWhat’s in the Box? 802.11a and 802.11b/g Wireless NetworkingRoad Map for How to Get There From Here Road Map for ‘How to Get There From Here’Netgear Double Exchange files Use printers Chapter Basic Setup What You Need Before You BeginVerifying System Requirements Observing Location and Range Guidelines Two Basic Operating ModesWG511U Default Wireless Configuration Settings Basic Installation Instructions For Windows XP Users Installing a WG511UClick Install Driver and Utility Basic Setup Wireless Security Configuration Configure your WG511ULED Descriptions Verify wireless connectivity to your networkFor Windows 2000 & 98/Me Users Installing a WG511U Found New Hardware Wizard Profile Configure your WG511U and saveBelow Word Meaning Interpreting the LED on the WG511U WG511U Wireless Connection IndicatorsColor Condition Description Interpreting System Tray Icon ColorsBasic Tips TroubleshootingTroubleshooting Frequently Asked Questions Basic Setup Chapter Netgear Smart Wireless Wizard Understanding the Configuration OptionsUsing Configuration Profiles Connecting to an Access Point in Infrastructure Mode Save your settings in a Profile How to Configure an Infrastructure Mode ProfileRun the WG511U Smart Wireless Wizard Configure the wireless network settingsNetgear WG511U Wireless PC Card in Computer-to-Computer Mode Connecting to Another PC in Ad-hoc ModeConfigure the PC network settings How to Configure an Ad-hoc Mode NetworkAd-Hoc Setting What’s on the Statistics Page? Understanding the Advanced Settings Understanding the Security Options Chapter Wireless Security ConfigurationBasic Requirements for WEP Using WEP SecurityWEP Security Settings Worksheet Wireless Network Name SsidWEP Security Encryption Key How to Configure WEP Encryption Security Configure the Network Name Ssid settingsConfigure the WEP settings Basic Requirements for WPA-PSK Using WPA-PSK Advanced SecurityHow to Configure WPA-PSK Advanced Security WPA-PSK Security Settings WorksheetWPA-PSK settings screen Configure the WPA-PSK settingsWireless Security Configuration FCC, CE Appendix a Technical SpecificationsTechnical Specifications Appendix B Wireless Networking Basics Wireless Networking OverviewInfrastructure Mode Ad Hoc Mode Peer-to-Peer Workgroup Network Name Extended Service Set Identification EssidWireless Channels 802.11b/g Wireless Channels 802.11a Legal Power Output and Wireless Channels WG511U user can use thirteen channels in non-turbomode WPA Wireless Security OverviewCisco Leap WEP AuthenticationWEP Overview 802.1xAuthentication Open System Steps Bit WEP WEP KeysWEP Key Configuration How to Use WEP Parameters802.1x Port Based Network Access Control Figure B-4 802.1x authentication WPA Wireless Security How Does WPA Compare to WEP? How Does WPA Compare to Ieee 802.11i? What are the Key Features of WPA Security?Figure B-5 WPA Overview Figure B-6 WPA/802.1x Authentication Sequence Wireless Networking Basics WPA Data Encryption Key Management Temporal Key Integrity Protocol TkipMichael Is WPA Perfect? Product Support for WPAAES Support Wireless network adapters Wireless client programs Wireless Networking Basics Preparing Your Computers for TCP/IP Networking Appendix C Preparing Your PCs for Network AccessConfiguring Windows 98 and Me for TCP/IP Networking Install or Verify Windows Networking ComponentsPreparing Your PCs for Network Access Locate your Network Neighborhood icon Choose Settings, and then Control PanelPrimary Network Logon is set to Windows logon Verifying TCP/IP Properties Selecting Windows’ Internet Access MethodConfiguring Windows 2000 or XP for TCP/IP Networking Dhcp Configuration of TCP/IP in Windows XP Dhcp Configuration of TCP/IP in Windows XP orTCP/IP details are presented on Support tab Dhcp Configuration of TCP/IP in Windows Verify that Obtain an IP addressRight click on Local Area Connection and select Properties Obtain an IP address automatically is selected Verifying TCP/IP Properties for Windows XP or Preparing Your PCs for Network Access List of Glossary Terms GlossaryAdsl EAP Internet service provider Megabits per second Ssid WEP Glossary Numerics Index
Related manuals
Manual 2 pages 10.78 Kb
Top Page Image Contents