Manuals / Enterasys Networks / Computer Equipment / Network Router

Enterasys Networks 9033900-04 manual Security

Models: 9033900-04

1 316
Download 316 pages 29.09 Kb
Page 99
Image 99

Security

Data Encryption Setup enables or disables the access point to use WEP shared keys for data encryption. If this option is selected, you must configure at least one key on the access point and all clients. (Default: Disable)

Note: You must enable WEP encryption in order to enable all types of encryption on the access point; however, you do not need to define WEP keys for WPA.

WPA Clients sets the specified radio interface or VAP to:

Required ‐ allow only WPA‐enabled clients to access the network;

Supported ‐ allow WPA‐enabled clients and clients only capable of supporting WEP to access the network;

Not supported ‐ does not allow WPA‐enabled clients to access the network. Default: Supported

WPA Key Management: You can configure WPA to work in an enterprise environment using IEEE 802.1x and a RADIUS server for user authentication. For smaller networks, you can configure WPA using a common pre‐shared key for client authentication with the access point.

WPA authentication over 802.1x sets this radio interface or VAP to the WPA enterprise mode. This mode uses IEEE 802.1x to authenticate users and to dynamically distribute encryption keys to clients.

WPA Pre‐shared Key sets this radio interface or VAP to the WPA mode for small networks. This mode uses a common password string that is manually distributed. You must configure all wireless clients associated with this radio interface or VAP with the same key. You must specify the key string under the WPA Pre‐Shared Key Type section of the Security Settings page.

Multicast Cipher Mode selects an encryption method for the global key used for multicast and broadcast traffic, which is supported by all wireless clients associated with this radio interface or VAP.

WEP specifies that communicating devices must use the same WEP key to encrypt and decrypt radio signals. WEP has many security flaws, and is not recommended for transmitting highly‐sensitive data.

TKIP provides data encryption enhancements including per‐packet key hashing (that is, changing the encryption key on each packet), a message integrity check, an extended initialization vector with sequencing rules, and a re‐keying mechanism.

AES designated by the National Institute of Standards and Technology as the successor to the Data Encryption Standard (DES) encryption algorithm.

RoamAbout Access Point 3000 Configuration Guide 4-65

Page 98 Page 100
Page 99
Image 99
Enterasys Networks 9033900-04 manual Security
Page 98 Page 100