WFS709TP ProSafe Smart Wireless Switch Software Administration Manual

IEEE 802.1x. The IEEE 802.1x authentication standard allows for the use of keys that are dynamically generated on a per-user basic (as opposed to a static key that is the same on all devices in the network).

Note: The 802.1x standard requires the use of a RADIUS authentication server. Most Lightweight Directory Access Protocol (LDAP) servers do not support 802.1x.

With 802.1x authentication, a supplicant is the wireless client that wants to gain access to the network and the device that communicates with both the supplicant and the authentication server is the authenticator. In this system, the WFS709TP is the 802.1x authenticator, relaying authentication requests between the authentication server and the supplicant.

Note: During the authentication process, the supplicant (the wireless client) and the RADIUS authentication server negotiate the type of Extensible Authentication Protocol (EAP) they will use for the authentication transaction. The EAP type

is completely transparent to the WFS709TP and has no impact on its configuration.

Wi-Fi Protected Access (WPA). WPA implements most of the IEEE 802.11i standard. It is designed for use with an 802.1x authentication server (the Wi-Fi Alliance refers to this mode as WPA-Enterprise). WPA uses the Temporal Key Integrity Protocol (TKIP) to dynamically change keys and RC4 stream cipher to encrypt data.

WPA in pre-shared key (PSK) mode (WPA-PSK). With WPA-PSK, all clients use the same key (the Wi-Fi Alliance refers to this mode as WPA-Personal).

Note: In PSK mode, users must enter a passphrase 8–63 characters in length to access the network. PSK is intended for home and small office networks where

operating an 802.1x authentication server is not practical

WPA2. WPA2 implements the full IEEE 802.11i standard. In addition to WPA features, WPA2 provides Counter Mode with Cipher Blocking Chaining Message Authentication Code Protocol (CCMP) for encryption that uses the Advanced Encryption Standard (AES) algorithm. The Wi-Fi Alliance refers to this mode as WPA2-Enterprise.

WPA2-PSK.WPA2-PSK is WPA2 used in PSK mode, where all clients use the same key. The Wi-Fi Alliance refers to this mode as WPA2-Personal.

Overview of the WFS709TP

1-9

v1.0, June 2007

Page 25
Image 25
NETGEAR WFS709TP-100NAS manual V1.0, June