LevelOne WAB-1000 manual WPA with TKIP/ AES-CCMP, AES-ECB and 3DES for Bridging

Page 11

SSID

The Service Set ID (SSID) is a string used to define a common roaming domain among multiple wireless access points. Different SSIDs on access points can enable overlapping wireless networks. The SSID can act as a basic password without which the client cannot connect to the network. However, this is easily overridden by allowing the wireless AP to broadcast the SSID, which means any client can associate with the AP. SSID broadcasting can be disabled in the WAB-1000 setup menus if you are configuring to use WEP encryption.

WEP

WEP is an older encryption standard but is preferable to no encryption. The WAB-1000 is capable of configuring for WEP 64-bit encryption, 128-bit encryption, or 152-bit encryption. Authentication type can be set for Open System, Shared Key, or a combination Open/Shared. If the WAB-1000 is configured with WEP encryption, it is compatible with any 802.11b/g PC card configured for WEP.

WPA with TKIP/ AES-CCMP

WPA, an interim standard developed by the WiFi Alliance, combines several technologies that address known 802.11x security vulnerabilities. It provides an affordable, scalable solution for protecting existing corporate WLANs without the additional expense of VPN/firewall technology. It includes the use of the 802.1x standard and the Extensible Authentication Protocol (EAP). In addition, it uses, for encryption, the Temporal Key Integrity Protocol (TKIP) and WEP 128-bit encryption keys. Finally, a message integrity check (MIC) is used to prevent an attacker from capturing and altering or forging data packets. In addition, it can employ a form of AES called AES-CCMP. The WAB-1000 allows the user to configure encryption type to allow either TKIP clients, AES-CCMP clients, or a mix of both.

WPA is a subset of the draft 802.11i standard and is expected to maintain forward compatibility.

AES-ECB and 3DES for Bridging

The Advanced Encryption Standard (AES) was selected by NIST in October 2000 as an upgrade from the previous DES standard. The subset that has currently been approved is AES- ECB. The WAB-1000 uses AES-ECB (or 3DES) over the Bridging channel. AES uses a 128-bit block cipher algorithm and encryption technique for protecting computerized information. It has the ability to use even larger 192-bit and 256-bit keys, if desired.

6

Page 10 Page 12
Image 11
Page 10 Page 12
Contents User Guide Page Table of Contents WPA Encryption Page Introduction Basic FeaturesWireless Basics 802.11g Network ConfigurationAccess point configurations 802.11bPossible AP Topologies Data Encryption and Security BridgingAES-ECB and 3DES for Bridging WPA with TKIP/ AES-CCMPDhcp Server MAC Address AuthenticationOperator Authentication and Management Management Preparation for use Hardware installationMinimum system and component requirements Installation InstructionsEnsure the cabling is correctly installed Page WAN Indicator LightsSealing Antenna Connections LEDIntroduction Preliminary configuration stepsInitial setup using the Local port General System ConfigurationWAN LAN Wireless Setup Page Dtim RTSSsid EncryptionWPA Encryption Page MAC Address Filtering Bridging and Bridging Encryption Rogue AP Detection Advanced Services Settings Snmp Agent List All Users User ManagementAdd New User Monitoring/ReportsBridging Status System StatusWireless Clients Dhcp Client List Adjacent AP ListSystem Log Web Access LogNetwork Activity Factory Default System AdministrationFirmware Upgrade Remote Logging RebootUtilities General bridge setup Configure the WAB-1000 as a bridgePage Page Point-to-point bridge configuration Set up bridging typeBssid Point-to-point bridging setup guidePage Page Point-to-multipoint bridge configuration Point-to-multipoint bridging setup guide Repeater bridging setup guide Repeater bridge configurationBridging Encryption Channel Separation and Wlan Cards Manufacturer’s StatementRadio Frequency Interference Requirements AES 3DESTkip DhcpSnmp WPA
Top Page Image Contents