NETGEAR WPN111 user manual 802.1x Port Based Network Access Control

Page 57

User Manual for the NETGEAR RangeMax™ Wireless USB 2.0 Adapter WPN111

Note: Some 802.11 access points also support Use WEP for Authentication Only (Shared Key Authentication without data encryption). However, the WPN111 does not offer this option.

802.1x Port Based Network Access Control

Securing any kind of network involves allowing authorized parties to access traffic and networked resources (e.g., servers, hosts) while blocking outsiders. One essential ingredient in this recipe: permitting or denying physical attachment to the underlying communications medium.

In Ethernet LANs, this has long been accomplished by disabling unused RJ-45 jacks and controlling access to Ethernet switch ports according to the Media Access Control (MAC) addresses of the attached device. Early wireless LANs followed suit by using access control lists (ACLs) to permit associations by known MAC addresses while rejecting all others. MAC ACLs are quite easy to understand and configure. However, ACLs become difficult to manage in large dynamic networks and are easily circumvented by network interface cards (NICs) with programmable addresses.

The LAN Port Access Control framework defined by the IEEE 802.1X standard addresses these needs.

With 802.11 WEP, all wireless access points and client wireless adapters on a particular wireless LAN must use the same encryption key. Each sending station encrypts data with a WEP key before transmission, and the receiving station decrypts it using an identical key. This process reduces the risk of someone passively monitoring the transmission and gaining access to the data transmitted over the wireless connections.

However, a major problem with the 802.11 wireless standard is that the keys are cumbersome to change. If you don't update the WEP keys often, an unauthorized person with a sniffing tool can monitor your network for less than a day and decode the encrypted messages. In order to use different keys, you must manually configure each access point and wireless adapter with new keys.

Products based on the 802.11 standard alone offer system administrators no effective method to update the keys. This might not be too much of concern with a few users, but the job of renewing keys on larger networks can be a monumental task. As a result, companies either don't use WEP at all or maintain the same keys for weeks, months, and even years. Both cases significantly heighten the wireless LAN's vulnerability to eavesdroppers.

W ire le ss N e tworkin g B a sics

B -1 1

202-10076-01

Image 57
Contents NETGEAR, I n c Technical Support FCC Information to User Ta n d a rd s Teste d to C om p lyContents Troubleshooting Index Viii Audience, Scope, Conventions Chapter About This ManualHow to Print this Manual Key Features Chapter IntroductionAbout the WPN111 What’s in the Box? Road Map for ‘How to Get There From Here’Wire le ss On n e ct to a E n tify th e Wire le ss n e tworkWire le ss n etwork To le a rn a b ou t wire le ssVe rify m y n e twork Ca b le or D S L se rvice Twork Ctiva te m yCon n e ction Rovid e rs For you r ve rsion of W in d ows Rowse r su ch a sTwork Con n e ct to th e wire le ss Wire d n etwork Wire le ss a n dE P C I a m u sin g to Igh b orh oodCom b in e d Wire le ss a n d Com p u te r su p p ort grou p sTwork n e e d s to b e D P rin t S h a rin gChapter Basic Setup What You Need Before You BeginVerifying System Requirements Observing Location and Range Guidelines Two Basic Operating ModesBasic Installation Instructions WPN111 Default Wireless Configuration SettingsFor Windows XP Users Installing a WPN111 Click Install Driver and UtilitySta llS h ie ld W iza rd Ort, you V1 typ eIs 1 4 M b p s wh e re a s th e With a W in d ows X P L ogo te stin gSte p s, click th e H e lp b u tton in th e W P N 1 1 Th e se202-10076-01 N 1 1 1 R e sou rce C D Sta llS h ie ld W iza rd For Windows 2000 Users Installing a WPN111Ou n d N e w H a rd wa re W iza rd Sp e e d is 1Ort is 4 8 0 M b p s N 1 1 1 S yste m Tra y I con Tility WPN111 Wireless Connection Indicators Interpreting the LED on the WPN111Or re se t Interpreting System Tray Icon Colors Chapter Configuration Understanding the Configuration OptionsUsing Configuration Profiles Connecting to an Access Point in Infrastructure Mode How to Configure an Infrastructure Mode ProfileRun the WPN111 Configuration Utility Save your settings in a Profile Configure the wireless Network settingsConnecting to Another PC in Ad-hoc Mode How to Configure an Ad-hoc Mode ProfileVerify wireless connectivity to your network Windows Run program dialog box Configure the PC network settingsPing test results How to Start a Computer-to-Computer Ad-Hoc NetworkEnabling Wireless Security Features Configure the Security settings How to Configure WEP Encryption SecurityHow to Configure WPA-PSK Encryption Security Advanced Security StatisticsAdvanced Settings Advanced Settings202-10076-01 Basic Tips Chapter TroubleshootingGeneral Questions Frequently Asked QuestionsNew Hardware Wizard appears after installation has completed Rou b le s h ootin g Appendix a Technical Specifications Ch n ica l S p e cifica tion s Appendix B Wireless Networking Basics Wireless Networking OverviewInfrastructure Mode Ad Hoc Mode Peer-to-Peer Workgroup Network Name Extended Service Set Identification EssidWireless Channels 802.11b/g Wireless Channels For U S Re qu e n cy G H z 5 5 2 5 5 2For C a n a d a W for E u rop eWPN111 user can use thirteen channels in non-turbomode Wireless Security Overview 152160 WEP Overview WEP Authentication802.1x Cisco LeapAuthentication Open System Steps Bit WEP WEP KeysWEP Key Configuration How to Use WEP Parameters802.1x Port Based Network Access Control Figure B-4 802.1x authentication WPA Wireless Security How Does WPA Compare to WEP? How Does WPA Compare to Ieee 802.11i? What are the Key Features of WPA Security?Figure B-5 WPA Overview Figure B-6 WPA/802.1x Authentication Sequence 202-10076-01 WPA Data Encryption Key Management Temporal Key Integrity Protocol TkipMichael Is WPA Perfect? Product Support for WPAAES Support Wireless network adapters Wireless client programs 202-10076-01 Configuring Windows 98 and Me for TCP/IP Networking Appendix C Preparing Your PCs for Network AccessInstall or Verify Windows Networking Components Preparing Your Computers for TCP/IP NetworkingRe p a rin g Y ou r P C s for N e twork a cce ss Choose Settings, and then Control Panel Enabling Dhcp in Windows 98 and MeLocate your Network Neighborhood icon Primary Network Logon is set to Windows logon Verifying TCP/IP Properties Selecting Windows’ Internet Access MethodConfiguring Windows 2000 or XP for TCP/IP Networking Dhcp Configuration of TCP/IP in Windows XP Dhcp Configuration of TCP/IP in Windows XP orTCP/IP details are presented on Support tab Verify that Obtain an IP address Dhcp Configuration of TCP/IP in WindowsObtain an IP address automatically is selected Verifying TCP/IP Properties for Windows XP or 202-10076-01 Glossary DSL Internet service provider Ssid Wins 202-10076-01 Numerics Index
Related manuals
Manual 87 pages 60.77 Kb