Fortress Technologies ecure Wireless Access Bridge Cleartext Security, Fortress Security, Open WEP and Shared WEP

Fortress Bridge: Configuration

NOTE:

Certain

Se-

curity Suite

options

require that an 802.1X

authentication server be

configured for the

Bridge. These include:

802.1X and those WPA

and WPA2 settings that

do not use PSK. Refer to

Section 3.4.1.

The security protocol(s) employed by the Bridge’s virtual

access point are configured per VAP.

Your selection in the Security Suite field of the VIRTUAL ACCESS

POINT SETTINGS frame determines which fields are configurable

(and which are grayed-out) in the SECURITY SUITE SETTINGS

frame (in the lower half of the same screen), as described

below.

Cleartext Security

Selecting Cleartext as a VAP’s Security Suite essentially turns

off security measures for that VAP. Wireless devices

connected to the VAP send and receive all traffic in the clear

(i.e., unencrypted).

A Security Suite setting of Cleartext requires no further

configuration.

Fortress Security

Selecting Fortress as a VAP’s Security Suite requires all traffic

on that VAP to use Fortress’s Mobile Security Protocol (MSP),

as configured on the Bridge itself (on the SECURITY SETTINGS

screen of the Bridge GUI or in the Bridge CLI).

When the Radio Mode is Bridge, whether in Root or Non-Root

mode, you must select Fortress as the Security Suite setting for

that radio’s single VAP.

A Security Suite setting of Fortress requires no further

configuration in the SECURITY SUITE SETTINGS frame.

Open WEP and Shared WEP

Open WEP (Wired Equivalent Privacy) and Shared WEP both

use static keys for data encryption. They are distinguished by

their authentication methods.

Open WEP operates on the assumption that the keys

configured on the VAP and on connecting devices have been

entered correctly. It allows devices to connect without

challenge and then uses the configured keys to encrypt the

data passing between the Bridge and the connected device.

Shared WEP does not allow a device to connect until it has

successfully encrypted a challenge sent by the VAP. When the

VAP’s challenge receives a correct response from the

connecting device, it allows the connection and then uses the

configured keys to encrypt the data passing between the

Bridge and the connected device.

Selecting Open-WEP or Shared-WEP as a VAP’s Security Suite

requires the same settings to be configured in the SECURITY

SUITE SETTINGS frame. These include:

WEP Key Length - WEP keys can be 104 or 40 bits long. 104-bit

is the default.