NETGEAR DG834GT manual WPA Data Encryption Key Management

Models: DG834GT


Reference Manual for the Model DG834GT 108 Mbps Super Wireless ADSL Router

3. The client sends an EAP-response packet containing the identity to the authentication server. The access point responds by enabling a port for passing only EAP packets from the client to an authentication server located on the wired side of the access point. The access point blocks all other traffic, such as HTTP, DHCP, and POP3 packets, until the access point can verify the client's identity using an authentication server (for example, RADIUS).

4. The authentication server uses a specific authentication algorithm to verify the client's identity. This could be through the use of digital certificates or some other EAP authentication type.

5. The authentication server will either send an accept or reject message to the access point.

6. The access point sends an EAP-success packet (or reject packet) to the client.

7. If the authentication server accepts the client, then the access point will transition the client's port to an authorized state and forward additional traffic.
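The port gating in steps 3 to 7 can be modelled in a few lines. This is an added example, not code from the NETGEAR manual or firmware: `AuthServer`, `AccessPoint` and the sample identities and MAC addresses are hypothetical, and the multi-round EAP method exchange is collapsed into a single identity check.

```python
from enum import Enum

ETH_EAPOL = 0x888E   # EtherType for EAP over LAN (802.1x)
ETH_IPV4 = 0x0800    # carries HTTP, DHCP, POP3, ...

class PortState(Enum):
    UNAUTHORIZED = "unauthorized"
    AUTHORIZED = "authorized"

class AuthServer:
    """Hypothetical stand-in for a RADIUS server: accepts known identities."""
    def __init__(self, known):
        self.known = set(known)

    def verify(self, identity):
        return "accept" if identity in self.known else "reject"

class AccessPoint:
    """Authenticator: passes EAP through, gates everything else per client."""
    def __init__(self, server):
        self.server = server
        self.ports = {}  # client MAC -> PortState

    def handle_frame(self, mac, ethertype, payload=b""):
        state = self.ports.setdefault(mac, PortState.UNAUTHORIZED)
        if ethertype == ETH_EAPOL:
            # Steps 3-6: relay the identity, map the verdict to an EAP result.
            if self.server.verify(payload.decode()) == "accept":
                self.ports[mac] = PortState.AUTHORIZED  # step 7
                return "EAP-Success"
            self.ports[mac] = PortState.UNAUTHORIZED
            return "EAP-Failure"
        # Non-EAP traffic only crosses an authorized port.
        return "forwarded" if state is PortState.AUTHORIZED else "dropped"

def demo():
    # Constructed sample traffic: one known client, one unknown client.
    ap = AccessPoint(AuthServer({"alice@example.org"}))
    mac, other = "00:11:22:33:44:55", "66:77:88:99:aa:bb"
    return [
        ap.handle_frame(mac, ETH_IPV4, b"DHCP discover"),
        ap.handle_frame(mac, ETH_EAPOL, b"alice@example.org"),
        ap.handle_frame(mac, ETH_IPV4, b"HTTP GET /"),
        ap.handle_frame(other, ETH_EAPOL, b"unknown-user"),
        ap.handle_frame(other, ETH_IPV4, b"POP3 USER"),
    ]

if __name__ == "__main__":
    print(demo())
```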

The important part to know at this point is that the software supporting the specific EAP type resides on the authentication server and within the operating system or application “supplicant” software on the client devices. The access point acts as a “pass through” for 802.1x messages, which means that you can specify any EAP type without needing to upgrade an 802.1x-compliant access point. As a result, you can change the EAP authentication type to methods such as token cards (Smart Cards), Kerberos, one-time passwords, certificates, and public key authentication as newer types become available and your requirements for security change.

WPA Data Encryption Key Management

With 802.1x, the rekeying of unicast encryption keys is optional. Additionally, 802.11 and 802.1x provide no mechanism to change the global encryption key used for multicast and broadcast traffic. With WPA, rekeying of both unicast and global encryption keys is required.

For the unicast encryption key, the Temporal Key Integrity Protocol (TKIP) changes the key for every frame, and the change is synchronized between the wireless client and the wireless access point (AP). For the global encryption key, WPA includes a facility (the Information Element) for the wireless AP to advertise the changed key to the connected wireless clients.

If configured to implement dynamic key exchange, the 802.1x authentication server can return session keys to the access point along with the accept message. The access point uses the session keys to build, sign and encrypt an EAP key message that is sent to the client immediately after sending the success message. The client can then use the contents of the key message to define applicable encryption keys. In typical 802.1x implementations, the client can automatically change encryption keys as often as necessary to minimize the possibility of eavesdroppers having enough time to crack the key in current use.
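The build, sign and encrypt flow for the key message, and the checks a client should make before installing a key, are sketched below. This is an added example, not the manual's or the standard's wire format: the message layout (replay counter, IV, ciphertext, signature) is this example's own, HMAC-SHA256 and an HMAC-based keystream are stand-ins chosen so the block runs on the Python standard library, and all keys are constructed.

```python
import hashlib, hmac, os, struct

def _keystream(key, iv, n):
    # Stand-in cipher for this example only: HMAC-SHA256 in counter mode.
    blocks = (hmac.new(key, iv + struct.pack(">I", c), hashlib.sha256).digest()
              for c in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def ap_build_key_message(enc_key, sign_key, replay_counter, new_key):
    """AP side: encrypt the new key, then sign counter + IV + ciphertext."""
    iv = os.urandom(16)
    ct = _xor(new_key, _keystream(enc_key, iv, len(new_key)))
    body = struct.pack(">Q", replay_counter) + iv + ct
    return body + hmac.new(sign_key, body, hashlib.sha256).digest()

class Client:
    def __init__(self, enc_key, sign_key):
        self.enc_key, self.sign_key = enc_key, sign_key
        self.last_counter = -1
        self.current_key = None

    def receive(self, msg):
        """Verify signature and freshness before installing the key."""
        body, sig = msg[:-32], msg[-32:]
        expected = hmac.new(self.sign_key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(sig, expected):
            return "bad-signature"
        (counter,) = struct.unpack(">Q", body[:8])
        if counter <= self.last_counter:
            return "replay"          # old key message re-sent
        iv, ct = body[8:24], body[24:]
        self.current_key = _xor(ct, _keystream(self.enc_key, iv, len(ct)))
        self.last_counter = counter
        return "installed"

def demo():
    enc, sign = os.urandom(32), os.urandom(32)   # constructed session keys
    client = Client(enc, sign)
    k1 = os.urandom(16)
    m1 = ap_build_key_message(enc, sign, 1, k1)
    tampered = m1[:30] + bytes([m1[30] ^ 1]) + m1[31:]  # flip a ciphertext bit
    return [client.receive(tampered), client.receive(m1),
            client.current_key == k1, client.receive(m1)]

if __name__ == "__main__":
    print(demo())
```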

D-14

Wireless Networking Basics

August 2004


DG834GT specifications

The NETGEAR DG834GT is a versatile wireless ADSL2+ modem router that is widely recognized for its reliable performance and impressive feature set. As an all-in-one solution, it caters to the needs of both home and small office users who require stable internet connectivity combined with advanced networking capabilities.

One of the standout features of the DG834GT is its impressive wireless performance, which supports wireless 802.11g technology. This allows for wireless speeds of up to 54 Mbps, making it suitable for common internet activities such as web browsing, email, and streaming media. For users seeking enhanced range and reliability, the modem incorporates NETGEAR's patented Smart Wizard technology, which simplifies the installation process and ensures optimal wireless coverage throughout the area.

The DG834GT also supports ADSL2+ internet connections, providing a robust bandwidth of up to 24 Mbps, depending on the service provider and distance from the exchange. This means users can take full advantage of high-speed internet services, allowing for smooth simultaneous activities like online gaming and video conferencing.

Security is another important aspect of the DG834GT, featuring a robust firewall and support for WPA/WPA2 encryption, ensuring that user data remains secure. The modem also includes parental controls, enabling users to restrict internet access at certain times or filter content, making it ideal for family use.

In addition to its wireless capabilities, the DG834GT comes with four Ethernet ports, offering the flexibility to connect multiple wired devices. This makes it a great option for users who require stable connections for gaming consoles, desktop computers, or network printers.

Performance-wise, the NETGEAR DG834GT is equipped with Quality of Service (QoS) capabilities, allowing users to prioritize bandwidth for specific applications and devices. This ensures that essential tasks, such as video streaming or online gaming, receive the necessary bandwidth to function smoothly without interruption.

Overall, the NETGEAR DG834GT combines advanced technology, ease of use, and a comprehensive feature set, making it a popular choice among consumers looking for reliable ADSL connectivity and robust networking options. With its ability to support multiple devices and deliver high-speed internet, it remains a go-to solution for users navigating the demands of modern online life.