Appendix D

Overview of security settings

To help improve the security of the wireless network and prevent unauthorized access, the printer supports many common types of network authentication, including WEP, WPA, and WPA2.

WEP: Provides security by encrypting data sent over radio waves from one wireless device to another wireless device. Devices on a WEP-enabled network use WEP keys to encode data. If your network uses WEP, you must know the WEP key(s) it uses.

WPA: Increases the level of over-the-air data protection and access control on existing and future wireless networks. It addresses all known weaknesses of WEP, the original native security mechanism in the 802.11 standard. WPA uses the Temporal Key Integrity Protocol (TKIP) for encryption and employs 802.1X authentication with one of the standard Extensible Authentication Protocol (EAP) types available today.

WPA2: Provides enterprise and consumer wireless users with a high level of assurance that only authorized users can access their wireless networks. WPA2 provides the Advanced Encryption Standard (AES). AES is defined in counter cipher-block chaining mode (CCM) and supports the Independent Basic Service Set (IBSS) to enable security between client workstations operating connected wirelessly without a wireless router (such as a Linksys wireless router or Apple AirPort Base Station).

Add hardware addresses to a wireless router (MAC filtering)

MAC filtering is a security feature in which a wireless router or wireless access point is configured with a list of hardware addresses (also called "MAC addresses") of devices that are allowed to gain access to the network through the router.

If the router filters hardware addresses, then the printer's hardware address must be added to the router’s list of accepted hardware addresses. If the router does not have the hardware address of a printer attempting to access the network, the router denies the printer access to the network.

CAUTION: This method is not recommended, however, because your MAC addresses can easily be read and falsified by unwanted users outside your network.

To add hardware addresses to a wireless router or wireless access point

1.Print the network configuration page, and then locate the printer’s hardware address. For more information, see Understand the network configuration page.

NOTE: The printer maintains separate hardware addresses for the Ethernet connection and for wireless connection. Both hardware addresses are listed on the printer’s network

configuration page.

2.Open the configuration utility for the wireless router or wireless access point, and add the printer's hardware address to the list of accepted hardware addresses.

NOTE: For more information about using the configuration utility, see the documentation provided with the router or wireless access point.

Other wireless security guidelines

To keep the wireless network secure, follow these guidelines:

Use a wireless password with at least 20 random characters. You can use up to 64 characters in a WPA wireless password.

Avoid any common words or phrases, easy sequences of characters (such as all 1s), and personally-identifiable information for wireless passwords. Always use random strings composed of uppercase and lowercase letters, numbers, and if allowed, special characters such as punctuation.

Change the default wireless password provided by the manufacturer for administrator access to the access point or wireless router. Some routers let you change the administrator name as well.

226 Network setup