3 ACCESS POINT SECURITY
The advanced security features of the Access Point 8000 address the two primary
aspects of wireless networking security: network authentication and transmission
encryption. The access point provides standardized methods for authentication
and encryption, but also offers innovative technology from 3Com that extends the
standards and makes wireless networking more secure.
The access point can provide a complete stand-alone security solution.
Alternatively, it can be integrated into an enterprise-class security solution,
interacting with a networked RADIUS server and 802.1x-enabled wireless clients.
Upper-Layer Authentication
The basic authentication schemes defined in the 802.11 standard (open system and
shared key) are limiting because they provide no way to hold authentication
information on a central server. Upper-layer authentication solves this problem.
Through the use of the Extensible Authentication Protocol (EAP), the access point
supports a number of upper-layer authentication schemes, including EAP-MD5,
EAP-TLS, and 3Com Serial Authentication.
EAP-MD5
EAP-MD5 provides a simple way to centralize client network authentication
information in a RADIUS server. Under this scheme, no certificates or other
security credentials need to be installed on client machines. At login, the RADIUS
server verifies the username and password supplied by the user. Once the user is
authenticated, the server informs the access point of the successful
authentication and data traffic from the client is allowed to pass to the wired
network. EAP-MD5 provides authentication only: it derives no keying material, so
it cannot deliver per-session encryption keys. The access point can be configured
to use any of the 802.11 standard encryption mechanisms, with statically
configured keys, along with EAP-MD5 authentication. EAP-MD5 is a one-way
authentication scheme: it authenticates the client to the server, but does not
authenticate the server to the client, so the client cannot tell a legitimate access
point from a rogue one.
EAP-MD5 is supported by the 3Com 802.1x agent (described below) and is built
into the Windows XP operating system.
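To make the one-way, password-only nature of EAP-MD5 concrete, here is an added example (not code from the access point, the 3Com agent, or this guide) that builds and verifies the EAP-Request/MD5-Challenge and EAP-Response/MD5-Challenge messages as RFC 3748 defines them, and then shows the failure mode a practitioner should weigh before choosing it: because the response is just MD5(Identifier || password || challenge), anyone who captures the two packets can test password guesses offline. The user database, the password, the wordlist and the `ap8000` name string are constructed for the example.

```python
import hashlib
import hmac
import os
import struct

# EAP codes and types from RFC 3748 (standard constants, not values taken from the guide).
EAP_REQUEST, EAP_RESPONSE = 1, 2
TYPE_MD5_CHALLENGE = 4


def md5_challenge_response(identifier: int, password: bytes, challenge: bytes) -> bytes:
    """CHAP-style digest used by EAP MD5-Challenge: MD5(Identifier || secret || challenge)."""
    return hashlib.md5(bytes([identifier]) + password + challenge).digest()


def build_eap(code: int, identifier: int, eap_type: int, type_data: bytes) -> bytes:
    """EAP header: Code(1) Identifier(1) Length(2) Type(1), followed by Type-Data."""
    return struct.pack("!BBHB", code, identifier, 5 + len(type_data), eap_type) + type_data


def parse_eap(pkt: bytes):
    """Return (code, identifier, type, type_data); reject packets whose Length disagrees with the bytes."""
    code, identifier, length, eap_type = struct.unpack("!BBHB", pkt[:5])
    if length != len(pkt):
        raise ValueError("EAP Length field does not match packet size")
    return code, identifier, eap_type, pkt[5:]


def split_value_name(type_data: bytes):
    """MD5-Challenge Type-Data is Value-Size(1) || Value || Name."""
    size = type_data[0]
    return type_data[1:1 + size], type_data[1 + size:]


def build_md5_request(identifier: int, challenge: bytes) -> bytes:
    """EAP-Request/MD5-Challenge as the RADIUS server (relayed by the access point) sends it."""
    return build_eap(EAP_REQUEST, identifier, TYPE_MD5_CHALLENGE,
                     bytes([len(challenge)]) + challenge + b"ap8000")  # Name is informational


def build_md5_response(identifier: int, username: bytes, password: bytes, challenge: bytes) -> bytes:
    """EAP-Response/MD5-Challenge from the client; the Name field carries the identity."""
    digest = md5_challenge_response(identifier, password, challenge)
    return build_eap(EAP_RESPONSE, identifier, TYPE_MD5_CHALLENGE,
                     bytes([len(digest)]) + digest + username)


def radius_verify(user_db: dict, request: bytes, response: bytes) -> bool:
    """Server-side check: recompute the digest from the stored password and the challenge it issued."""
    req_code, req_id, req_type, req_data = parse_eap(request)
    resp_code, resp_id, resp_type, resp_data = parse_eap(response)
    if (req_code, req_type) != (EAP_REQUEST, TYPE_MD5_CHALLENGE):
        return False
    if (resp_code, resp_type) != (EAP_RESPONSE, TYPE_MD5_CHALLENGE):
        return False
    if req_id != resp_id:  # the response must answer this particular challenge
        return False
    challenge, _ = split_value_name(req_data)
    digest, username = split_value_name(resp_data)
    password = user_db.get(username)
    if password is None:
        return False
    return hmac.compare_digest(md5_challenge_response(resp_id, password, challenge), digest)


def offline_guess(request: bytes, response: bytes, wordlist):
    """What a passive eavesdropper can do: the digest is checkable using only the captured challenge."""
    _, req_id, _, req_data = parse_eap(request)
    _, _, _, resp_data = parse_eap(response)
    challenge, _ = split_value_name(req_data)
    digest, _ = split_value_name(resp_data)
    for guess in wordlist:
        if md5_challenge_response(req_id, guess, challenge) == digest:
            return guess
    return None


# Constructed sample account (not from any real deployment).
USER_DB = {b"alice": b"wireless4me"}


def run_exchange(username: bytes, password: bytes, identifier: int = 7):
    """One Request/Response pair with a fresh random challenge, as seen on the wireless link."""
    challenge = os.urandom(16)
    request = build_md5_request(identifier, challenge)
    response = build_md5_response(identifier, username, password, challenge)
    return request, response


if __name__ == "__main__":
    req, resp = run_exchange(b"alice", b"wireless4me")
    print("RADIUS accepts login:", radius_verify(USER_DB, req, resp))
    print("eavesdropper recovers:", offline_guess(req, resp, [b"password", b"letmein", b"wireless4me"]))
```

Nothing in `offline_guess` requires the RADIUS shared secret or any position on the wired side; the captured Request and Response are enough, which is why EAP-MD5 is reasonable only where the password is strong and the medium is not openly sniffable.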
EAP-TLS
EAP-TLS provides both authentication and dynamic session key distribution. This
authentication scheme provides mutual authentication between the client and
server. A unique X.509 certificate must be generated for each network user, and
that certificate must be installed on every client PC the user will use to log onto
the network. Both a client certificate and a server certificate are exchanged as
part of authentication.
Once authenticated, the server informs the access point and data traffic from the
client is allowed to pass to the wired network. As part of authentication, the client
and TLS server derive session-specific keys based on information shared between
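The session key derivation referred to above is standardized rather than 3Com-specific, and an added example (not code from the access point or this guide) shows how it works: RFC 5216 expands the TLS master secret and the two handshake randoms with the TLS PRF under the label "client EAP encryption" into 128 bytes of key material, of which the first 64 bytes form the MSK that the RADIUS server hands to the access point (split into MS-MPPE-Recv-Key and MS-MPPE-Send-Key). The example assumes the TLS 1.0/1.1 PRF of RFC 2246 (MD5 and SHA-1 halves XORed together), which matches the TLS versions of this product's era; a TLS 1.2 session would use the SHA-256 PRF instead. The master secret and randoms are constructed values, not output of a real handshake.

```python
import hmac
import os


def p_hash(hash_name: str, secret: bytes, seed: bytes, length: int) -> bytes:
    """TLS P_hash (RFC 2246 section 5): A(i) = HMAC(secret, A(i-1)), output HMAC(secret, A(i) || seed)."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hash_name).digest()
        out += hmac.new(secret, a + seed, hash_name).digest()
    return out[:length]


def tls10_prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.0/1.1 PRF: P_MD5 over the first half of the secret XOR P_SHA1 over the second half."""
    half = (len(secret) + 1) // 2  # halves share one byte when the secret length is odd
    s1, s2 = secret[:half], secret[-half:]
    p_md5 = p_hash("md5", s1, label + seed, length)
    p_sha1 = p_hash("sha1", s2, label + seed, length)
    return bytes(x ^ y for x, y in zip(p_md5, p_sha1))


def eap_tls_keys(master_secret: bytes, client_random: bytes, server_random: bytes):
    """RFC 5216 section 2.3: 128 bytes of key material; MSK is the first 64, EMSK the next 64."""
    material = tls10_prf(master_secret, b"client EAP encryption",
                         client_random + server_random, 128)
    return material[:64], material[64:128]


def msk_to_radius_keys(msk: bytes):
    """How the server passes the keys to the access point: MS-MPPE-Recv-Key, MS-MPPE-Send-Key."""
    return msk[:32], msk[32:64]


def both_sides_agree(master_secret: bytes, client_random: bytes, server_random: bytes) -> bool:
    """The client and the TLS server each run the derivation locally; no key ever crosses the air."""
    client_msk, client_emsk = eap_tls_keys(master_secret, client_random, server_random)
    server_msk, server_emsk = eap_tls_keys(master_secret, client_random, server_random)
    return client_msk == server_msk and client_emsk == server_emsk


if __name__ == "__main__":
    # Constructed handshake values standing in for the real TLS master secret and randoms.
    ms, cr, sr = os.urandom(48), os.urandom(32), os.urandom(32)
    msk, _ = eap_tls_keys(ms, cr, sr)
    recv_key, send_key = msk_to_radius_keys(msk)
    print("agree:", both_sides_agree(ms, cr, sr))
    print("MS-MPPE-Recv-Key:", recv_key.hex())
    print("MS-MPPE-Send-Key:", send_key.hex())
```

Because the randoms change every handshake, each association gets fresh keys even for the same user and certificate, which is what "dynamic" means here; a server that reuses a TLS session (session resumption) still produces new EAP keys because the randoms differ, although the master secret is reused.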