CHAPTER 3: ACCESS POINT SECURITY

them. After successful authentication, the TLS server securely sends the session keys to the access point and user data is allowed to pass. EAP-TLS is currently supported only under Windows XP.

3Com Serial Authentication

Serial Authentication, a 3Com-proprietary upper layer authentication mechanism, uses a two-phase process involving both EAP-TLS and EAP-MD5.

In the first phase, the wireless client and the RADIUS EAP-TLS server mutually authenticate each other. All clients can authenticate to the TLS server because a common certificate is provided during software installation. Successful completion of this phase establishes dynamic session keys that protect subsequent communication between the wireless client and access point.

In the second phase, the server can securely use EAP-MD5 to authenticate the user. Once authenticated, the server informs the access point and data traffic from the client is allowed to pass to the wired network.

3Com Serial Authentication also includes optional dynamic session-key renewal, which greatly enhances system security. Dynamic key renewal means that, following the initial upper layer authentication, the client and the access point periodically update the session keys used for encryption.

3Com’s Serial Authentication method provides obvious advantages. By combining encryption key distribution and a secure network authentication, it makes use of two complementary authentication schemes. Additionally, the client and the access point dynamically update session keys while the network session is in progress. Because Serial Authentication is a 3Com proprietary scheme, it must be used with the 3Com Wireless LAN PC Card (model 3CRWE62092A) and the 3Com Access Point 8000. Serial authentication is supported by the 3Com 802.1x agent (described below).

Additional Security Configuration Options

If you choose not to use an upper layer authentication scheme, 3Com’s security solution also supports the authentication and encryption methods described below.

Open Network. The open-network option assumes that neither authentication nor encryption is required. No security is used.

40-bit Shared Key Encryption. This option is compatible with Wi-Fi certified equipment from other vendors. Encryption keys must be set up on both the client and the access point. The network administrator sets up a fixed set of encryption keys for the wireless network and supplies users with an encryption string or a set of hexadecimal keys. This option can be used with local access point authentication or with EAP-MD5 RADIUS authentication.

128-bit Shared Key Encryption. This option is compatible with 128-bit shared key from most vendors, including 3Com, Agere, and Cisco. The network administrator sets up encryption keys for the wireless network and supplies users with an encryption string or hexadecimal keys. You must set up encryption keys on both the client and access point. This option can be used with local access point authentication or with EAP-MD5 RADIUS authentication.


11 Mbps specifications

3Com 11 Mbps was a pivotal product in the evolution of networking technology, paving the way for wireless communications as we know them today. Introduced in the late 1990s, this wireless LAN (Local Area Network) product utilized the IEEE 802.11 standard, which defined the protocols for wireless networking. Operating at a maximum data rate of 11 megabits per second, it offered users a revolutionary means of connecting devices without the constraints of physical cabling.

One of the main features of the 3Com 11 Mbps solution was its simplicity and ease of installation. Unlike traditional wired networks that involved intricate setups of cabling and switches, 3Com facilitated a swift deployment process. Users could set up a wireless network in minutes, allowing organizations to enhance their productivity without extensive infrastructure.

The technology behind 3Com 11 Mbps was based on Direct Sequence Spread Spectrum (DSSS) modulation. This approach spread the signal over a wider frequency range, which improved resistance to interference from other devices. The 2.4 GHz frequency band used by this network supported compatibility with various devices, making it a flexible option for businesses and homes alike.

In terms of security, 3Com incorporated Wired Equivalent Privacy (WEP), which aimed to provide a level of data confidentiality comparable to that found in wired networks. However, WEP was later found to have vulnerabilities, leading to the development of more secure protocols like WPA (Wi-Fi Protected Access) and WPA2 in subsequent technologies.

Another characteristic that distinguished the 3Com 11 Mbps system was its ability to support multiple devices simultaneously. With the emergence of wireless laptops, printers, and other peripherals, a single access point could service several users without significant performance degradation.

Ultimately, the 3Com 11 Mbps was a significant stepping stone in the development of wireless technology. It showcased the potential of wireless networking and set the standard for future innovations. Although much faster and more secure wireless technologies have since emerged, the legacy of 3Com 11 Mbps resides in the fundamental advancements it brought to the realm of connectivity, making it easier and more accessible for users around the globe.