NETGEAR WG302 manual How Does WPA Compare to WEP?

Page 85

Reference Manual for the NETGEAR ProSafe Wireless Access Point 802.11g WG302

WPA offers the following benefits:

Enhanced data privacy

Robust key management

Data origin authentication

Data integrity protection

The Wi-Fi Alliance is now performing interoperability certification testing on Wi-Fi Protected Access products. Starting August of 2003, all new Wi-Fi certified products will have to support WPA. NETGEAR will implement WPA on client and access point products and make this available in the second half of 2003. Existing Wi-Fi certified products will have one year to add WPA support or they will lose their Wi-Fi certification.

The 802.11i standard is currently in draft form, with ratification due at the end of 2003. While the new IEEE 802.11i standard is being ratified, wireless vendors have agreed on WPA as an interoperable interim standard.

How Does WPA Compare to WEP?

WEP is a data encryption method and is not intended as a user authentication mechanism. WPA user authentication is implemented using 802.1x and the Extensible Authentication Protocol (EAP). Support for 802.1x authentication is required in WPA. In the 802.11 standard, 802.1x authentication was optional. For details on EAP specifically, refer to IETF's RFC 2284.

With 802.11 WEP, all access points and client wireless adapters on a particular wireless LAN must use the same encryption key. A major problem with the 802.11 standard is that the keys are cumbersome to change. If you do not update the WEP keys often, an unauthorized person with a sniffing tool can monitor your network for less than a day and decode the encrypted messages. Products based on the 802.11 standard alone offer system administrators no effective method to update the keys.

For 802.11, WEP encryption is optional. For WPA, encryption using Temporal Key Integrity Protocol (TKIP) is required. TKIP replaces WEP with a new encryption algorithm that is stronger than the WEP algorithm, but that uses the calculation facilities present on existing wireless devices to perform encryption operations. TKIP provides important data encryption enhancements including a per-packet key mixing function, a message integrity check (MIC) named Michael, an extended initialization vector (IV) with sequencing rules, and a re-keying mechanism. Through these enhancements, TKIP addresses all of known WEP vulnerabilities.

Wireless Networking Basics

B-9

September 2004

Image 85
Contents September Technical Support Placement and Range Guidelines Declaration of Conformity Industry Canada Compliance Statement September Contents Chapter Management Appendix a Specifications Contents Audience, Versions, Conventions Chapter About This ManualHtml version of this manual How to Use this ManualHow to Print this Manual About This Manual Chapter Introduction Supported Standards and Conventions Key FeaturesAutoCell-The Self-Organizing Wireless Network Autosensing Ethernet Connections with Auto Uplink 802.11g Standards-based Wireless NetworkingCompatible and Related Netgear Products What’s In the Box? System RequirementsHardware Description Following table explains the LED indicatorsLED Description WG302 provides two detachable antenna This socket connects to the WG302 12V 1.2A power adapterMale DB-9 serial port for serial DTE connections Introduction Observing Placement and Range Guidelines Chapter Basic Installation and ConfigurationCabling Requirements Feature Factory Default Settings Default Factory SettingsLUHOHVVDWD 6HFXULW\2SWLRQV Understanding WG302 Wireless Security OptionsSET UP the WG302 Access Point Installing the WG302 Access PointLogin window Login result WG302 home Web browser will then display the WG302 settingsBasic Settings menu Configure the settings appropriate for your networkDeploy the WG302 Access Point Verify Wireless Connectivity How to Log In to the WG302 Using Its Default IP Address Understanding Basic Wireless Settings Basic Installation and Configuration Understanding WEP/WPA Security Options Wireless Security Settings Field Description Security Encryption Field Description WPA-PSK Wi-Fi Key Before You Change the Ssid and WEP SettingsHow to Set Up and Test Basic Wireless Connectivity Select the Turn Access Control On check box How to Restrict Wireless Access by MAC AddressTo configure WEP data encryption, follow these steps How to Configure WEPClick Apply to save your settings How to Configure WPA-PSK How to Configure WPA10 Wireless Settings menu Using the Basic IP Settings OptionsAccess Point Name NetBIOS Time Zone Select the time zone location for your settingHow to Use the CLI via the Console Port Using the Secure Telnet InterfaceThese settings appear below the connector on the back panel Chapter ManagementPress the return key, and the screen below should appear CLI CommandsSyslog and Activity Log information Using Syslog and Activity Log InformationThis screen shows the following parameters Viewing General, Log, Station, and Statistical InformationField Description StatisticsWireless Access Point Status screen Statistics Fields Viewing a List of Attached Devices Upgrading the Wireless Access Point SoftwareConfiguration File Management Settings Backup menu Saving and Retrieving the ConfigurationUsing the Reset Button to Restore Factory Default Settings Restoring the WG302 to the Factory Default SettingsChanging the Administrator Password Set Password menu Management Understanding Advanced IP Settings for Wireless Clients Chapter Advanced ConfigurationAutoCell RF Management Understanding Advanced Wireless SettingsAutoCell RF management is enabled by default ConfigurationAdditional AutoCell View Management Options Table below describes the advanced wireless parameters Configuring Wireless LAN ParametersAdvanced Wireless Settings Access Point Mode settings Enabling Wireless Bridging and RepeatingPoint-to-Point Bridge How to Configure a WG302 as a Point-to-Point BridgeConfigure the Operating Mode WG302 AP1 on LAN How to Configure MultiHow to Configure Wireless Repeating Advanced Configuration No lights are lit on the access point Chapter TroubleshootingLAN light is not lit Wireless LAN activity light does not light upWhen I enter a URL or IP address I get a timeout error Cannot connect to the WG302 to configure itUsing the Reset Button to Restore Factory Default Settings Specifications for the WG302 Appendix a SpecificationsSpecifications Wireless Networking Overview Appendix B Wireless Networking BasicsInfrastructure Mode This chapter provides an overview of Wireless networkingAd Hoc Mode Peer-to-Peer Workgroup Authentication and WEP Data EncryptionNetwork Name Extended Service Set Identification Essid Open System Authentication Authentication$XWKHQWLFDWLRQ6WHSV Shared Key AuthenticationSends Iteback TOO!0 Overview of WEP ParametersKey Size WEP Configuration Options Wireless ChannelsWPA Wireless Security How Does WPA Compare to WEP? How Does WPA Compare to Ieee 802.11i? What are the Key Features of WPA Security?Wireless Networking Basics Figure B-3 WPA Overview Figure B-4 802.1x Authentication Sequence Access point replies with an EAP-request identity messageWPA Data Encryption Key Management Temporal Key Integrity Protocol Tkip Product Support for WPA Is WPA Perfect?Open system, then 802.1x supplicant EAP or preshared key Open system, then 802.1x EAP with Radius or preshared keyChanges to Wireless Client Programs Command Sets Appendix C Command Line ReferenceCommand Line Reference Command Line Reference Command Line Reference Glossary Dhcp DSL Internet service provider Radius TLS Wins Glossary Numerics IndexWEP B-3
Related manuals
Manual 34 pages 38.47 Kb