Fortress Technologies BreadCrumb Wireless Network manual Harris SecNET11, Encrypting Wired Traffic

Page 46

Chapter 5. Using BCAdmin™

Enabling/Disabling AirFortress Encryption

AirFortress encryption is enabled and disabled on a BreadCrumb device using a checkbox on the General tab of the BreadCrumb Properties window. Unlike the Access ID, this setting may be changed when communicating wirelessly with the BreadCrumb device.

Important: Enabling and disabling AirFortress encryption in a BreadCrumb device has an immediate effect. If you change this setting, you will have to change your BCAdmin workstation’s setting to match it in order to communicate with the BreadCrumb device again.

Encrypting Wired Traffic

The BreadCrumb devices’ AirFortress support includes the ability to encrypt traffic from a wired network provided that the BreadCrumb device’s ethernet interface is in either Gateway Mode or Gateway (Ingress) Mode. With AirFortress enabled on a BreadCrumb device in one of these modes, encryption of wired traffic entering the wireless network and decryption of wireless traffic entering a wired network is completely automatic.

Tip: In addition to providing secure wireless extension of a wired network, this feature can be used to encrypt communications from ethernet-enabled devices (such as cameras) for which an AirFortress client is not available. For an example of this, see the Section called Encrypting a Video Feed in Chapter 6.

Zeroizing the Access ID

The BreadCrumb Access ID and other settings can be erased remotely or with physical access to the BreadCrumb device by following the steps in the Section called Restoring Default Settings (Factory Reset) in Chapter 7.

Harris SecNET11

For security exceeding AES-256 encryption, Rajant provides support for Harris Corporation’s SecNet11 product family. You must specify when ordering your BreadCrumb devices that you require this feature; each BreadCrumb radio will be replaced with a SecNet11 Plus PC card.

The SecNet11 Plus PC card has been certified as part of the National Security Agency (NSA) Commercial COMSEC Evaluation Program (CCEP).

Tip: To learn more about the SecNet11, visit http://www.govcomm.harris.com/secure-comm/.

40

Image 46
Contents For the BreadCrumb Wireless Network Release Rajant CorporationPage Table of Contents Troubleshooting Using BCAdminConfiguration Examples List of Tables List of FiguresPurpose and Scope PrefaceUser Information What is a BreadCrumb? IntroductionBreadCrumb Devices Mesh by Channel and Essid Mobility through MeshingMesh a Definition ExampleMeshing Example 1 Full Connectivity Known Issues New Features Performance / Process ImprovementsIssues Resolved Upgrading to VersionUpgrading BreadCrumb Firmware Installing / Upgrading BCAdminUpgrading to Version Flash Update Procedure for Version 2 and Version 3 Systems Version 3 Power InputUpgrading to Version Models XLV XLEModels BreadCrumb MEAvailable BreadCrumb Models External Connectors BreadCrumb WEBreadCrumb WE External Connectors BreadCrumb SEBreadCrumb SE External Connectors BreadCrumb XLBreadCrumb XL External Connector BreadCrumb XLVBreadCrumb XLV External Connectors BreadCrumb XLEBreadCrumb XLE External Connectors front Channel Assignments Deployment ConsiderationsAddressing BreadCrumb Device AddressesLine Of Sight Physical Placement and Other ConsiderationsDeployment Considerations Best-Case Distances by Radio Power Device power To Device power DistanceDistance Interference WeatherAltitude Using BCAdmin Screen LayoutUsing BCAdmin Topology AreaAnatomy of the BreadCrumb Box BreadCrumb Device NameNumber of Peers Time Since Last UpdateAnatomy of the Client Box Number of ClientsAnatomy of a Connection Line 802.11b Channel Line ColorBCAdmin Line Styles Legend Info Area Redundant Connection ExampleConfiguring Individual BreadCrumbs Link Detail TabsType General SettingsName LocationManual GPS Settings Latitude and Longitude Using BCAdmin ColorBattery Warning minutes AirFortress Encryption AES-256 and Set Access IDChannel Radio SettingsAccess Point MeshNone Reachback SettingsReachback Interface EthernetMode Using BCAdmin RadioRadio 2 ad hoc AutomaticAlternate Gateway Using BCAdmin Gateway IngressDisabled WEP KeyForwarding Settings 11. BreadCrumb Properties Forwarding TabSecurity Example Port Forwarding Configuration for a Web ServerWEP Access Control Lists ACLsKey Deny by default allow only permitted devices Allow by default deny only forbidden devicesAES-256 Encryption with AirFortress Registering AirFortressSetting the Access ID 14. Set Access ID WindowHarris SecNET11 Encrypting Wired TrafficZeroizing the Access ID Enabling/Disabling AirFortress EncryptionSecNet11 Key Filling BCAdmin PreferencesBreadCrumb inactivity threshold seconds Mapping with Fugawi Tracker Unencrypted Point-to-Multipoint Connecting Remote Wired LANsConfiguration Examples Encrypted Point-to-PointConvoy with UAV-Based Camera for Forward Observation Configuration ExamplesEncrypting a Video Feed Configuration Examples Individual BreadCrumbs TroubleshootingBreadCrumb Wireless Network Sporadic Network ConnectivitySporadic Network Connectivity Issues BreadCrumb Device Cannot Connect to BcwnTroubleshooting BCAdminRestoring Default Settings Factory Reset BreadCrumb-BCWN Connectivity IssuesFactory Reset Button Case Study Military Exercise in Thailand Joint Exercise NetworkBCAdmin screen during exercise showing BreadCrumb network Case Study Military Exercise in ThailandBalloon with Camera and BreadCrumb 802.11b BCAdminGlossary BreadCrumb / BreadCrumb DevicePeer MAC AddressPending peer Reachback Color Blinking/Solid Status Appendix A. Status Indicator LEDTable A-1. LED Status Indications 802.11b Channel Frequency GHz Appendix B. Radio FrequenciesTable B-1 .11b Channel Frequency Table Appendix C. Customer Service