Key Management | Encryption Algorithm | User Authentication |
IEEE 802.1x provides | An RC4 stream cipher is used |
dynamically generated keys | to encrypt the frame body and |
that are periodically | cyclic redundancy checking |
refreshed. | (CRC) of each 802.11 frame. |
There are different Unicast | (This is the same encryption |
keys for each station. | algorithm as is used for Static |
| WEP.) |
IEEE 802.1x mode supports a variety of authentication methods, like certificates, Kerberos, and public key authentication with a RADIUS server.
You have a choice of using the Gateway 7001 Series
Recommendations
IEEE 802.1x mode is a better choice than Static WEP because keys are dynamically generated and changed periodically. However, the encryption algorithm used is the same as that of Static WEP and is therefore not as reliable as the more advanced encryption methods such as TKIP and CCMP (AES) used in
Additionally, compatibility issues may be cumbersome because of the variety of authentication methods supported and the lack of a standard implementation method. For this reason, if you do use IEEE 802.1x, we suggest using it with the embedded RADIUS server.
Therefore, IEEE 802.1x mode is not as secure a solution as
For information on how to configure IEEE 802.1x security mode, see “IEEE 802.1x” on page 93.
When to use WPA with RADIUS
www.gateway.com | 83 |