NETGEAR WAG302 How Does WPA Compare to Ieee 802.11i?, What are the Key Features of WPA Security?

Page 100

Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG302

How Does WPA Compare to IEEE 802.11i?

WPA will be forward compatible with the IEEE 802.11i security specification currently under development. WPA is a subset of the current 802.11i draft and uses certain pieces of the 802.11i draft that are ready to bring to market today, such as 802.1x and TKIP. The main pieces of the 802.11i draft that are not included in WPA are secure IBSS (Ad-Hoc mode), secure fast handoff (for specialized 802.11 VoIP phones), as well as enhanced encryption protocols, such as AES-CCMP. These features are either not yet ready for market or will require hardware upgrades to implement.

What are the Key Features of WPA Security?

The following security features are included in the WPA standard:

•WPA Authentication

•WPA Encryption Key Management

–Temporal Key Integrity Protocol (TKIP)

–Michael message integrity code (MIC)

–AES Support (to be phased in)

•Support for a Mixture of WPA and WEP Wireless Clients, but mixing WEP and WPA is discouraged

These features are discussed below.

WPA addresses most of the known WEP vulnerabilities and is primarily intended for wireless infrastructure networks as found in the enterprise. This infrastructure includes stations, access points, and authentication servers (typically RADIUS servers). The RADIUS server holds (or has access to) user credentials (for example, user names and passwords) and authenticates wireless users before they gain access to the network.

The strength of WPA comes from an integrated sequence of operations that encompass 802.1X/ EAP authentication and sophisticated key management and encryption techniques. Its major operations include:

•Network security capability determination. This occurs at the 802.11 level and is communicated through WPA information elements in Beacon, Probe Response, and (Re) Association Requests. Information in these elements includes the authentication method (802.1X or Pre-shared key) and the preferred cipher suite (WEP, TKIP, or AES).

B-12	Wireless Networking Basics

202-10078-01

Image 100

Contents NETGEAR, Inc Technical Support WAG302 ProSafe Dual Band Wireless Access Point Tested to Comply with FCC StandardsDeclaration of Conformity Industry Canada Compliance Statement Product and Publication Details Contents Chapter Management Appendix a Specifications Appendix C Command Line Reference Audience, Scope, Conventions, and Formats Chapter About This ManualBold How to Use This Manual How to Print this Manual Printing a Page in the Html ViewAbout This Manual About the WAG302 ProSafe Dual Band Wireless Access Point Chapter IntroductionKey Features Supported Standards and ConventionsAutoCell-The Self-Organizing Wireless Network Compatible and Related Netgear Products 802.11a/g Standards-based Wireless NetworkingAutosensing Ethernet Connections with Auto Uplink System Requirements What’s In the Box?Front Panel Hardware Description100 802.11a Wlan Rear Panel802.11g Wlan Serial Console Port Chapter Basic Installation and Configuration Observing Placement and Range GuidelinesCabling Requirements Default Factory Settings Time Zone Adjust for Daylight Saving TIme DisabledEnabled but Trap forwarding is disabled Secure Telnet EnabledUnderstanding WAG302 Wireless Security Options LUHOHVVDWD 6HFXULW\2SWLRQVInstalling the WAG302 Access Point SET UP the WAG302 Access PointLogin window Web browser will then display the WAG302 General information Basic Settings menu Basic Installation and Configuration Wireless Settings 11a menu Deploy the WAG302 Access Point How to Log In to the WAG302 Using Its Default IP Address Understanding Basic Wireless Settings Wireless Settings 11aBasic Installation and Configuration Wireless Settings 11b/g Basic Installation and Configuration Basic Installation and Configuration 10 WEP/WPA Settings menus for 11a and 11b/g Understanding WEP/WPA Security OptionsBasic Installation and Configuration Before You Change the Ssid and WEP Settings 802.11a Configuration802.11b/g Configuration How to Set Up and Test Basic Wireless Connectivity How to Restrict Wireless Access by MAC Address Access Control 11a menu Access Control 11b/g menuHow to Configure WEP Click Apply to save your settings How to Configure WPA with Radius 13 Radius Server Settings menu 14 WEP/WPA Settings menus for 11a and 11bg How to Configure WPA-PSK 15 WEP/WPA Settings menus for 11a and 11bgUsing the Basic IP Settings Options IP AddressSpanning Tree Protocol Basic Installation and Configuration Chapter Management Remote ManagementUsing the Secure Telnet Interface How to Use the CLI via the Console PortCLI Commands Secure Telnet ClientUsing Syslog and Activity Log Information Syslog and Activity Log informationViewing General and Statistical Information General InformationCurrent IP Settings Field Description Access Point InformationCurrent Wireless Settings 11a Field Description Current Wireless Settings 11b/g Wireless 11a Received/Transmitted Field Description Wired Ethernet Received/TransmittedStatistics Viewing a List of Attached Devices Field Description Wireless 11b/g Received/TransmittedRefresh button Upgrading the Wireless Access Point Software Configuration File ManagementSaving and Retrieving the Configuration Restoring the WAG302 to the Factory Default SettingsUsing the Reset Button to Restore Factory Default Settings Rebooting the Access PointChanging the Administrator Password Set Password menuManagement Chapter Advanced Configuration Understanding Advanced IP Settings for Wireless ClientsAdvanced IP Settings for Wireless Clients screen Understanding Advanced Wireless Settings Problem AutoCell Settings Enhance RF Privacy -- Default DisableAuto RF Management -- Default Enable AutoCell RF ManagementAuto RF Management Enhanced RF Security ‘Stealth Mode’ Additional AutoCell View Management Options Configuring Wireless LAN Parameters Advanced Wireless Settings screenEnabling Wireless Bridging and Repeating How to Configure a WAG302 as a Point-to-Point Bridge Point-to-Point BridgeManual Advanced Configuration How to Configure Wireless Repeating Multi-Point bridgingAdvanced Configuration Chapter Troubleshooting No lights are lit on the access pointWireless LAN activity light does not light up LAN light is not litCannot connect to the WAG302 to configure it When I enter a URL or IP address I get a timeout errorUsing the Reset Button to Restore Factory Default Settings Specifications for the WAG302 Appendix a SpecificationsParameter WAG302 ProSafe Dual Band Wireless Access Point Specifications Wireless Networking Overview Appendix B Wireless Networking BasicsInfrastructure Mode Ad Hoc Mode Peer-to-Peer Workgroup Network Name Extended Service Set Identification EssidAuthentication and WEP Data Encryption Authentication802.11b Authentication Open System Steps 802.11b Authentication Shared Key Steps Key Size WEP Configuration Options Wireless Channels802.11b/g Wireless Channels Table B-2 802.11b/g Radio Frequency Channels Channel Center Frequency Frequency Spread 802.11a Wireless Channels Channel FrequencyWPA Wireless Security WAG302 user can use five channels in turbo modeHow Does WPA Compare to WEP? What are the Key Features of WPA Security? How Does WPA Compare to Ieee 802.11i?Wireless Networking Basics Figure B-3 WPA Overview Radius ServerAccess point replies with an EAP-request identity message WPA Data Encryption Key Management Temporal Key Integrity Protocol Tkip Is WPA Perfect? Product Support for WPAChanges to Wireless Access Points Changes to Wireless Client Programs Appendix C Command Line Reference Command SetsCommand Line Reference Command Line Reference Command Line Reference 100BASE-Tx 802.1x802.11a 802.11bCat Auto UplinkCertificate Authority Dynamic Host Configuration Protocol Domain NameInternet Protocol Local area networkMAC address MbpsNetBIOS NetmaskNetwork Address Translation PacketWi-Fi Windows Internet Naming Service Wide area networkWireless Network Name Ssid Glossary

Related manuals

Manual 2 pages 4.37 Kb