6 System Configuration

WPA Pre-Shared Key Mode (WPA-PSK, WPA2-PSK): For enterprise deployment, WPA requires a RADIUS authentication server to be configured on the wired network. However, for small office networks that may not have the resources to configure and maintain a RADIUS server, WPA provides a simple operating mode that uses just a pre-shared password for network access. The Pre-Shared Key mode uses a common password for user authentication that is manually entered on the access point and all wireless clients. The PSK mode uses the same TKIP packet encryption and key management as WPA in the enterprise, providing a robust and manageable alternative for small networks.

Mixed WPA and WEP Client Support: WPA enables the access point to indicate its supported encryption and authentication mechanisms to clients using its beacon signal. WPA-compatible clients can likewise respond to indicate their WPA support. This enables the access point to determine which clients are using WPA security and which are using legacy WEP. The access point uses TKIP unicast data encryption keys for WPA clients and WEP unicast keys for WEP clients. The global encryption key for multicast and broadcast traffic must be the same for all clients, therefore it restricts encryption to a WEP key.

When access is opened to both WPA and WEP clients, no authentication is provided for the WEP clients through shared keys. To support authentication for WEP clients in this mixed mode configuration, you can use either MAC authentication or 802.1X authentication.

WPA2 – WPA was introduced as an interim solution for the vulnerability of WEP pending the ratification of the IEEE 802.11i wireless security standard. In effect, the WPA security features are a subset of the 802.11i standard. WPA2 includes the now ratified 802.11i standard, but also offers backward compatibility with WPA. Therefore, WPA2 includes the same 802.1X and PSK modes of operation and support for TKIP encryption. The main differences and enhancements in WPA2 can be summarized as follows:

Advanced Encryption Standard (AES): WPA2 uses AES Counter-Mode encryption with Cipher Block Chaining Message Authentication Code (CBC-MAC) for message integrity. The AES Counter-Mode/CBCMAC Protocol (AES-CCMP) provides extremely robust data confidentiality using a 128-bit key. The AES-CCMP encryption cipher is specified as a standard requirement for WPA2. However, the computational intensive operations of AES-CCMP requires hardware support on client devices. Therefore to implement WPA2 in the network, wireless clients must be upgraded to WPA2-compliant hardware.

WPA2 Mixed-Mode: WPA2 defines a transitional mode of operation for networks moving from WPA security to WPA2. WPA2 Mixed Mode allows both WPA and WPA2 clients to associate to a common SSID interface. In mixed mode, the unicast encryption cipher (TKIP or AES-CCMP) is negotiated for each client. The access point advertises its supported encryption ciphers in beacon frames and probe responses. WPA and WPA2 clients select the cipher they support and return the choice in the association request to the access point. For mixed-mode operation,

6-74

Page 120 Page 122
Page 121
Image 121
SMC Networks SMC2552W-G2-17 manual System Configuration
Page 120 Page 122

SMC2552W-G2-17, SMC2552W-G2 specifications

The SMC Networks SMC2552W-G2 and SMC2552W-G2-17 are advanced wireless access points designed for a range of networking environments, offering robust features suited to both home and business applications. These devices are known for their reliable performance, making them a popular choice for those seeking to enhance network connectivity and coverage.

One of the primary features of the SMC2552W-G2 is its dual-band capability, operating on both the 2.4 GHz and 5 GHz frequency bands. This versatility allows users to take advantage of the high capacity of the 5 GHz band, which is less congested and ideal for activities that require substantial bandwidth, such as streaming and online gaming. The 2.4 GHz band, on the other hand, provides better penetration through walls and is more suitable for basic browsing and mobile device connectivity.

Another significant characteristic is the device's support for the 802.11n Wi-Fi standard, which enables data rates of up to 300 Mbps. This standard ensures a fast and stable wireless connection, facilitating a seamless online experience for multiple devices simultaneously. The integration of MIMO (Multiple Input Multiple Output) technology further enhances the performance, allowing for multiple data streams to be transmitted and received, significantly increasing throughput and range.

The SMC2552W-G2 series also boasts advanced security features, including WPA/WPA2 encryption and support for 802.1X authentication. These security protocols provide robust protection against unauthorized access and ensure that data transmitted over the network remains secure.

In terms of management, these access points offer both web-based and SNMP (Simple Network Management Protocol) interfaces, enabling users to easily configure and monitor the network settings. This user-friendly interface simplifies the process of overseeing network performance and troubleshooting issues when they arise.

The SMC2552W-G2 and SMC2552W-G2-17 are designed for easy installation, whether as stand-alone units or as part of a larger network. Their compact design allows for flexible mounting options, making them suitable for various environments.

In summary, the SMC Networks SMC2552W-G2 and SMC2552W-G2-17 provide an excellent combination of speed, security, and ease of management, making them ideal solutions for enhancing wireless connectivity in both home and office settings. Their dual-band functionality, compliance with the latest Wi-Fi standards, and comprehensive security measures ensure a reliable and efficient networking experience.
Top Page Image Contents