NETGEAR WGPS606 manual WPA Data Encryption Key Management

Page 54

Reference Manual for the NETGEAR 54 Mbps Wireless USB Print Server with 4-Port Switch

3.The client sends an EAP-response packet containing the identity to the authentication server. The access point responds by enabling a port for passing only EAP packets from the client to an authentication server located on the wired side of the access point. The access point blocks all other traffic, such as HTTP, DHCP, and POP3 packets, until the access point can verify the client's identity using an authentication server (e.g., RADIUS).

4.The authentication server uses a specific authentication algorithm to verify the client's identity. This could be through the use of digital certificates or some other EAP authentication type.

5.The authentication server will either send an accept or reject message to the access point.

6.The access point sends an EAP-success packet (or reject packet) to the client.

7.If the authentication server accepts the client, then the access point will transition the client's port to an authorized state and forward additional traffic.

The important part to know at this point is that the software supporting the specific EAP type resides on the authentication server and within the operating system or application “supplicant” software on the client devices. The access point acts as a “pass through” for 802.1x messages, which means that you can specify any EAP type without needing to upgrade an 802.1x-compliant access point. As a result, you can update the EAP authentication type to such devices as token cards (Smart Cards), Kerberos, one-time passwords, certificates, and public key authentication or as newer types become available and your requirements for security change.

WPA Data Encryption Key Management

With 802.1x, the rekeying of unicast encryption keys is optional. Additionally, 802.11 and 802.1x provide no mechanism to change the global encryption key used for multicast and broadcast traffic. With WPA, rekeying of both unicast and global encryption keys is required.

For the unicast encryption key, the Temporal Key Integrity Protocol (TKIP) changes the key for every frame, and the change is synchronized between the wireless client and the wireless access point (AP). For the global encryption key, WPA includes a facility (the Information Element) for the wireless AP to advertise the changed key to the connected wireless clients.

If configured to implement dynamic key exchange, the 802.1x authentication server can return session keys to the access point along with the accept message. The access point uses the session keys to build, sign and encrypt an EAP key message that is sent to the client immediately after sending the success message. The client can then use contents of the key message to define applicable encryption keys. In typical 802.1x implementations, the client can automatically change encryption keys as often as necessary to minimize the possibility of eavesdroppers having enough time to crack the key in current use.

B-14

Wireless Networking Basics

202-10083-01

Page 53 Page 55
Image 54
Page 53 Page 55
Contents 202-10083-01 Technical Support Iii Product and Publication Details Contents Chapter Advanced Configuration Glossary Contents Chapter About This Manual Audience, Scope, Conventions, and FormatsHow to Print this Manual About the Wireless USB Print Server Chapter IntroductionSupport for Standards Key Features 802.11g Standards-based Wireless NetworkingSystem Requirements Autosensing Ethernet Connections with Auto UplinkWhat’s In the Box? Bottom Label Description Power Socket Chapter Basic Installation and Configuration Overview of Wireless USB Print Server SetupWGPS606 Default Factory Settings Verify Printer and Network Readiness Understanding WGPS606 Wireless Security Options Observe these PrecautionsSet Up the Print Server Remove the Netgear CDNow, Set Up a PC Troubleshooting Tips Make sure the cables are pluggedHow to Log in Using the IP Address of the WGPS606 Two Ways to Log In to the WGPS606Login result WGPS606 home Using the IP Settings Options IP Settings Current IP AddressesUnderstanding the Basic Wireless Settings WGPS606 NameChapter Management Viewing General InformationGeneral Information Fields Backing Up the Wireless USB Print Server Settings Upgrading the Wireless USB Print Server SoftwareRestoring Factory Default Settings Using the Reset Button to Reboot or Restore Factory DefaultsChanging the Administrator Password Set PasswordManagement Chapter Advanced Configuration Understanding Advanced Wireless SettingsAdvanced Configuration Chapter Troubleshooting Printing Errors Basic FunctioningDifferences in How Windows Handles Printing to the WGPS606 Print server is not foundNothing is printing Restoring the Default Configuration Windows Printer Port ManagementAppendix a Specifications Specifications for the WGPS606Specifications Appendix B Wireless Networking Basics Wireless Networking OverviewInfrastructure Mode Ad Hoc Mode Peer-to-Peer Workgroup Network Name Extended Service Set Identification EssidWireless Channels Radio frequency channels used are listed in Table B-1 WEP Wireless Security WEP AuthenticationAccess point have the same WEP are described below Authentication Shared Key Steps Key Size and Configuration WPA Wireless Security How to Use WEP ParametersHow Does WPA Compare to WEP? How Does WPA Compare to Ieee 802.11i?What are the Key Features of WPA Security? Figure B-3 WPA Overview Wireless Networking Basics Figure B-4 802.1x Authentication Sequence WPA Data Encryption Key Management Temporal Key Integrity Protocol Tkip Is WPA Perfect? Product Support for WPAChanges to Wireless Network Adapters Changes to Wireless Client Programs Glossary NumericSee Dynamic Host Configuration Protocol Ethernet Internet service provider Megabits per second Set of rules for communication between devices on a network See Wide Area Network WPA
Related manuals
Manual 23 pages 35.1 Kb

WGPS606 specifications

The NETGEAR WGT624SC, GS608, GS605, XE103, and WGPS606 are key components in the networking ecosystem designed for various connectivity needs, offering reliable performance and innovative features.

The NETGEAR WGT624SC is a wireless router that operates on both the 2.4 GHz and 5 GHz bands. This dual-band capability allows for increased flexibility and speed, making it suitable for households with multiple devices. It supports 802.11g wireless technology, providing robust performance and ensuring a range that covers average-sized homes. With features like WPA2 security, users can enjoy safe wireless connections. The router also includes four LAN ports for wired connections, ensuring that devices like gaming consoles and desktop computers can connect seamlessly.

Moving to the NETGEAR GS608 and GS605, these unmanaged switches are designed for small to medium-sized networks. The GS608 is an 8-port Gigabit Ethernet switch, while the GS605 has five ports. Both models offer plug-and-play functionality, making them ideal for users who require easy setup without extensive configuration. The switches support auto-negotiation for optimal speed, as well as energy-efficient Ethernet technology to reduce power consumption during low traffic periods.

The NETGEAR XE103 is a unique solution in the realm of powerline networking. Utilizing existing electrical wiring, this powerline adapter allows users to extend their network without the need for long cable runs. It supports data rates suitable for streaming and online gaming, providing a reliable alternative for reaching difficult areas of a home where Wi-Fi signals may be weak.

Finally, the NETGEAR WGPS606 is a wireless print server that facilitates the connection of multiple printers to a wireless network. Ideal for small office setups or home environments, it supports various printer types and enables remote printing from any connected device.

Overall, these NETGEAR products exemplify a commitment to providing varied networking solutions that cater to different user requirements while maintaining high-quality performance and reliability.
Top Page Image Contents