Radio Interface

The security mechanisms that may be employed depend on the level of security required, the network and management resources available, and the software support provided on wireless clients. A summary of wireless security considerations is listed in the following table.

Security

Client

Implementation Considerations

Mechanism

Support

 

 

 

 

 

 

WEP

Built-in support on all

Provides only weak security

 

802.11a, 802.11b and

• Requires manual key management

 

802.11g devices

 

 

WEP over

Requires 802.1x client

Provides dynamic key rotation for

802.1x

support in system or by

 

improved WEP security

 

add-in software

Requires configured RADIUS server

 

(native support provided

802.1x EAP type may require

 

in Windows XP)

 

management of digital certificates for

 

 

 

clients and server

 

 

 

MAC Address

Uses the MAC address

• Provides only weak user

Filtering

of client network card

 

authentication

 

 

• Management of authorized MAC

 

 

 

addresses

 

 

• Can be combined with other methods

 

 

 

for improved security

 

 

Optionally configured RADIUS server

 

 

 

WPA over

Requires WPA-enabled

• Provides robust security in WPA-only

802.1x mode

system and network

 

mode (i.e., WPA clients only)

 

card driver

• Offers support for legacy WEP clients,

 

(native support provided

 

but with increased security risk (i.e.,

 

in Windows XP)

 

WEP authentication keys disabled)

 

 

• Requires configured RADIUS server

 

 

• 802.1x EAP type may require

 

 

 

management of digital certificates for

 

 

 

clients and server

 

 

 

WPA PSK

Requires WPA-enabled

• Provides good security in small

mode

system and network

 

networks

 

card driver

• Requires manual management of

 

(native support provided

 

pre-shared key

 

in Windows XP)

 

 

 

 

 

 

Note: Although a WEP static key is not needed for WEP over 802.1x, WPA over 802.1x, and WPA PSK modes, you must enable WEP encryption through the web or CLI in order to enable all types of encryption in the access point.

5-51

Page 109
Image 109
SMC Networks SMC2555W-AG manual Wep