Manuals / NETGEAR / Computer Equipment / Network Card

NETGEAR WGE111 How Does WPA Compare to IEEE 802.11i?, What are the Key Features of WPA Security?

Models: WGE111

1 88

Download 88 pages 16.82 Kb

Page 72

User Manual for the NETGEAR 54 Mbps Wireless PC Card WG511

How Does WPA Compare to IEEE 802.11i?

WPA is a subset of the current 802.11i draft and uses certain pieces of the 802.11i draft that are ready to bring to market today, such as 802.1x and TKIP. The main pieces of the 802.11i draft that are not included in WPA are secure IBSS (Ad Hoc mode), secure fast handoff (for specialized

802.11VoIP phones), as well as enhanced encryption protocols, such as AES-CCMP. These features are either not yet ready for market or will require hardware upgrades to implement.

What are the Key Features of WPA Security?

The following security features are included in the WPA standard:

•WPA Authentication

•WPA Encryption Key Management

–Temporal Key Integrity Protocol (TKIP)

–Michael message integrity code (MIC)

–AES Support (to be phased in)

•Support for a Mixture of WPA and WEP Wireless Clients, but mixing WEP and WPA is discouraged

These features are discussed below.

WPA addresses most of the known WEP vulnerabilities and is primarily intended for wireless infrastructure networks as found in the enterprise. This infrastructure includes stations, access points, and authentication servers (typically RADIUS servers). The RADIUS server holds (or has access to) user credentials (for example, user names and passwords) and authenticates wireless users before they gain access to the network.

The strength of WPA comes from an integrated sequence of operations that encompass 802.1X/ EAP authentication and sophisticated key management and encryption techniques. Its major operations include:

•Network security capability determination. This occurs at the 802.11 level and is communicated through WPA information elements in Beacon, Probe Response, and (Re) Association Requests. Information in these elements includes the authentication method (802.1X or Pre-shared key) and the preferred cipher suite (WEP, TKIP, or AES).

C-10	Wireless Networking Basics

Image 72

NETGEAR WGE111 user manual How Does WPA Compare to IEEE 802.11i?, What are the Key Features of WPA Security?

Contents

User Manual for the NETGEAR WGE111 Wireless Game Adapter NETGEAR, IncTechnical Support Statement of ConditionsNETGEAR, INC. Support Information E-mail support@netgear.comNETGEAR Wireless Game Adapter WGE111 Tested to Comply with FCC StandardsFederal Communications Commission FCC Radiation Exposure Statement Canadian Department of Communications Radio Interference RegulationsVCCI Statement Contents Basic SetupChapter About This Manual ChapterChapter Web Configuration TroubleshootingTechnical Specifications ChapterAppendix C Wireless Networking Basics Wireless Networking OverviewAuthentication and WEP Wireless ChannelsContents Chapter About This Manual Audience, Conventions, ScopeHow to Use this Manual How to Print this Manual User Manual for the NETGEAR WGE111 Wireless Game Adapter About This ManualAbout the NETGEAR WGE111 Wireless Game Adapter Chapter IntroductionKey Features and Related NETGEAR Products What’s in the Box?NETGEAR WGE111 Wireless Game Adapter Resource CD, including Introduction Status Indicators and Ports of the WGE111 See the table below for a description of the LED indicator lightsUser Manual for the NETGEAR WGE111 Wireless Game Adapter LED DescriptionsReset Push Button User Manual for the NETGEAR WGE111 Wireless Game Adapter IntroductionChapter Basic Setup Preparing to Install Your WGE111 Wireless Game Adapter“Game Console Plug-and-Go Scenario” on page “Personal Computer Plug-and-Go Scenario” on pagePlacement and Range Guidelines System RequirementsOperating Modes Switch PositionMode Your SystemWizard Configuration What you doPersonal Computer Plug-and-Go Scenario Planning the WGE111 Wireless Game Adapter Configuration Planning for TCP/IP ConfigurationDynamic IP using DHCP Fixed IPUnderstanding WEP Authentication and Encryption Authentication Scheme SelectionSubnet mask Encryption Strength Choices Using the NETGEAR Smart Wizard Configuration Assistant Understanding WPA-PSK Encryption Securitya. Connect one end of the Ethernet cable to the Wireless Game Adapter Double-click setup.exe if the program does not start automatically Select the Infrastructure and/or Ad-Hoc mode network settings Select the TCP/IP Settings User Manual for the NETGEAR WGE111 Wireless Game Adapter Basic Setup3-14 Chapter Web Configuration Configuring the Wireless Game Adapter Using TCP/IPConnecting to the Wireless Game Adapter Viewing the Wireless Game Adapter StatusWireless Settings Configuring the Adapter for Infrastructure Mode Access IP SettingsDevice Information Data Rate g only - operates in 802.11g mode onlyb only - operates in 802.11b mode only The data rate is set to Auto by defaultUsing WEP Security Encryption Wireless SecurityAuthentication Type Network Name SSIDConfiguring the Wireless Game Adapter for Ad-Hoc Mode Using WPA-PSK Security EncryptionManual Entry Mode Automatic Key Generation PassphraseTo configure the WGE111 for Ad-Hoc access Viewing the Wireless Networks Available Configuring the IP SettingsFigure 4-4 Wireless Networks Available The default values are suitable for most users and situations Changing the WGE111 Wireless Game Adapter Password Upgrading the FirmwareRestoring the Factory Defaults Figure 4-7 Restore Factory Defaults screenChapter Troubleshooting Go to “Troubleshooting the TCP/IP Settings Using Ping” on pageGo to “Restoring the Default Configuration and Password” on page Symptom SolutionBasic Tips Causewireless router or access point, wait, and then change the wireless game adapters IP addresssure all the devices are on the same IP network See “Using the NETGEAR Smart Wizard Configuration Assistant” on page 3-9 forFrequently Asked Questions I cannot configure the WGE111 from a browserTroubleshooting the TCP/IP Settings Using Ping Troubleshooting the Web Configuration InterfaceRestoring the Default Configuration and Password User Manual for the NETGEAR WGE111 Wireless Game Adapter TroubleshootingAppendix A Technical Specifications Technical SpecificationsUser Manual for the NETGEAR WGE111 Wireless Game Adapter Technical SpecificationsAppendix B Understanding IP Addresses IP Addresses and the InternetThe five address classes are Class A Netmask Subnet Addressing Figure 5-2 Example of Subnetting a Class B AddressTable 5-1. Netmask Notation Translation Table for One Octet Table 5-2. Netmask FormatsNumber of Bits Dotted-Decimal ValuePrivate IP Addresses Address Resolution Protocol IP Configuration by DHCPUser Manual for the NETGEAR WGE111 Wireless Game Adapter Understanding IP AddressesAppendix C Wireless Networking Basics Wireless Networking OverviewInfrastructure Mode Authentication and WEP Ad Hoc Mode Peer-to-Peer WorkgroupNetwork Name Extended Service Set Identification ESSID 802.11 Authentication Open System Authentication802.11b Authentication Open System Steps 1 Authentication request sent to AP 2 AP authenticatesAccess Point 3 Client connects to network Client attempting to connect1. Do Not Use WEP The the dataWEP Configuration Options Key SizeWireless Channels WPA Wireless Security How Does WPA Compare to WEP? What are the Key Features of WPA Security? How Does WPA Compare to IEEE 802.11i?The primary information conveyed in the Beacon frames is the authentication method and the cipher suite. Possible authentication methods include 802.1X and Pre-shared key. Pre-shared key is an authentication method that uses a statically configured passphrase on both the stations and the access point. This obviates the need for an authentication server, which in many home and small office environments will not be available nor desirable. Possible cipher suites include WEP, TKIP, and AES Advanced Encryption Standard. We talk more about TKIP and AES when addressing data privacy below Wireless LAN Wired Network with Optional 802.1x Port Based Network Access ControlLogin Authentication Figure C-3 WPA Overview2. The access point replies with an EAP-request identity message WPA Data Encryption Key Management Optional AES Support to be Phased In Temporal Key Integrity Protocol TKIPMichael Supporting a Mixture of WPA and WEP Wireless Clients is Discouraged Is WPA Perfect?Product Support for WPA Changes to Wireless Access Points The WPA two-phase authenticationChanges to Wireless Network Adapters The new WPA information elementChanges to Wireless Client Programs List of Glossary Terms 1000BASE-T802.1Q 802.3User Manual for the NETGEAR WGE111 Wireless Game Adapter Dynamic Host Configuration ProtocolGlossary DHCPUser Manual for the NETGEAR WGE111 Wireless Game Adapter Internet service providerUser Manual for the NETGEAR WGE111 Wireless Game Adapter Network Address TranslationUser Manual for the NETGEAR WGE111 Wireless Game Adapter Windows Internet Naming ServiceGlossary WINSUser Manual for the NETGEAR WGE111 Wireless Game Adapter GlossaryIndex Numerics