ProSecure Unified Threat Management (UTM) Appliance

Wireless security profiles, hereafter referred to as wireless profiles, let you configure unique security settings for each SSID on the UTM9S or UTM25S. The UTM9S and UTM25S support up to four wireless profiles (BSSIDs) that you can configure from the Wireless Profiles screen (see Configure and Enable Wireless Profiles on page 588).

Each wireless profile provides the following features:

Capability to turn off the wireless profile during scheduled vacations and office shutdowns, on evenings, or on weekends. This a green feature that allows you to save energy.

Capability to assign the wireless profile to a VLAN.

MAC address access control list that lets you add another level of security.

Capability to monitor the clients that are connected to the SSID of the wireless profile.

To set up a wireless profile, specify a name for the profile and the SSID, specify the type of security with authentication and data encryption, and specify whether the SSID is broadcast.

Network authentication

The default wireless profile is set as an open system with no authentication. When you configure network authentication, bear in mind that older wireless adapters might not support WPA or WPA2. Windows XP, Windows 2000 with Service Pack 3, and Windows Vista do include the client software that supports WPA. However, client software is required on the client. Consult the product documentation for your wireless adapter and WPA or WPA2 client software for instructions about configuring WPA2 settings.

For information about the types of network authentication that the wireless network module supports, see Configure and Enable Wireless Profiles on page 588.

Data encryption

Select the data encryption that you want to use. The available options depend on the network authentication setting described earlier (otherwise, the default is None). The data encryption settings are explained in Configure and Enable Wireless Profiles on page 588.

Here are some concepts and guidelines regarding the SSID:

A basic service set (BSS) is a group of wireless devices and a single wireless access point, all using the same security profile or service set identifier (BSSID). The actual identifier in the BSSID is the MAC address of the wireless radio. (A wireless radio can have multiple MAC addresses, one for each security profile.)

An extended service set (ESS) is a group of wireless devices, all using the same identifier (ESSID).

Different devices within an ESS can use different channels. To reduce interference, adjacent devices should use different channels.

Roaming is the ability of wireless devices to connect wirelessly when they physically move from one BSS to another one within the same ESS. The wireless device automatically changes to the wireless access point with the least interference or best performance.

Wireless Network Module for the UTM9S and UTM25S

586

Page 585 Page 587
Page 586
Image 586
NETGEAR UTM5EW-100NAS, STM150EW-100NAS manual Network authentication, Data encryption, 586
Page 585 Page 587
Top Page Image Contents