Nortel Networks 2300 manual Advanced Encryption Standard See AES

612Glossary

802.11b/g radio A radio that can receive and transmit signals at IEEE 802.11b and 802.11g data rates. Nortel 802.11b/g radios allow associations from 802.11b clients as well as 802.11g clients by default, for networks that have a mixture of both client types. However, association by any 802.11b clients restricts the maximum data transmit rate for all clients. To allow the radios to operate at the higher 802.11g data rates, you can set 802.11b/g radios to reject association attempts by 802.11b clients.

802.11g A supplement to the IEEE 802.11 wireless LAN (WLAN) specification, describing transmission through the Physical layer (PHY) based on orthogonal frequency division multiplexing (OFDM), at a frequency of 2.4 GHz and data rates of up to 54 Mbps.

802.11i A draft supplement to the IEEE 802.11 wireless LAN (WLAN) specification, for enhanced security through the use of stronger encryption protocols such as the Temporal Key Integrity Protocol (TKIP) and AES Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (AES-CCMP). These protocols provide replay protection, cryptographically keyed integrity checks, and key derivation based on the IEEE 802.1X port authentication standard. See also AES; CCMP; TKIP; WPA.

AAAAuthentication, authorization, and accounting. A framework for configuring services that provide a secure network connection and a record of user activity, by identifying who the user is, what the user can access, and what services and resources the user is consuming. In a Nortel WLAN 2300 System, the WLAN— Security Switch (WSS) switch can use a RADIUS server or its own local database for AAA services.

access control entry See ACE.

access control list See security ACL.

Access Point (AP) A small hardware unit that functions as a wireless access point (AP) in a Nortel WLAN 2300 System. Using one or more radio transmitters, an AP transmits and receives information as radio frequency (RF) signals to and from a wireless user (client). The AP transmits and receives information over a 10/100BASE-T Ethernet connection to and from a WLAN—Security Switch (WSS) switch. The switch also supplies electrical power to the access point by means of Power over Ethernet (PoE). An optional dual-homed connection to a second WSS provides redundancy. An AP communicates with an WSS by means of the Nortel access point Access (TAPA) protocol.

ACE A rule in a security access control list (ACL) that grants or denies a set of network access rights based on one or more criteria. ACEs use criteria such as a protocol and a source or destination IP address to determine whether to permit or deny packets that match the criteria. ACEs are processed in the order in which they appear in the security ACL. See also security ACL.

ACL See security ACL.

ad hoc network One of two IEEE 802.11 network frameworks. In an ad hoc network, a set of wireless stations communicate directly with one another without using an access point (AP) or any connection to a wired network. With an ad hoc network, also known as a peer-to-peer network or independent basic service set (IBSS), you can set up a wireless network in which a wireless infrastructure does not exist or is not required for services (in a classroom, for example), or through which access to the wired network is prevented (for consultants at a client site, for example). Compare infrastructure network.

Advanced Encryption Standard See AES.

AES Advanced Encryption Standard. One of the Federal Information Processing Standards (FIPS). The AES, documented in FIPS Publication 197, specifies a symmetric encryption algorithm for use by organizations to protect sensitive information. See 802.11i; CCMP.

AP See Access Point (AP).

320657-A