Introduction

1.3.12 KSS Databases

The KSS has two databases. One database stores valid access points (AP setup account). The other database stores Kerberos account information (Kerberos entry account). The AP setup account database stores validation information for an AP. This database uses the AP MAC address as a Primary Key. The entry includes the range of time the AP is allowed access and status information. A Foreign Key entry for a record in the AP setup account is the Kerberos Principal for this AP. This Foreign Key is used as an index to the Kerberos Entry account database to retrieve other Kerberos information for the AP. The Kerberos Entry account database stores specific Kerberos information for APs. It uses the Kerberos Principal (AP’s ESSID) as its Primary Key, and it includes other Kerberos network information that an AP needs to authenticate with the KDC.

When an AP requests information from the KSS, the KSS queries the AP Setup database to validate the AP. If the AP is valid the KSS will query its Kerberos Entry account database for the AP’s Kerberos information. The KSS packages the information and sends it to the AP.

APs with the same ESSID will share common Kerberos Entry account information since the ESSID is used as an AP Kerberos Principal.

1.3.13 Roaming and Authentication

When an MU authenticates through the KDC it specifies that it wants access to the AP that it has associated with. When the MU completes the full AS- REQ/AS-REP, TGT-REQ/TGT-REP, and AP-REQ/AP-REP hand-shake sequence, it possesses a ticket and a session key (WEP encryption key) for use in communicating with that AP. However, since the password and the username are the same for all APs, that ticket decrypts and validates with any AP.

When a MU roams, after it has associated with the new AP it sends to that AP the same AP-REQ that it sent to the AP that it first authenticated with. The new AP decrypts the ticket and validates the authenticator in the AP-REQ message. It then sends back an AP-REP with a new session key to the MU and normal communication through the new AP can continue.

32

AP-4131 Access Point Product Reference Guide

Page 42
Image 42
Symbol Technologies AP-4131 manual KSS Databases, Roaming and Authentication

AP-4131 specifications

The Symbol Technologies AP-4131 is a high-performance access point designed for businesses seeking reliable wireless networking solutions. With its robust features and advanced technologies, the AP-4131 paves the way for seamless connectivity in a variety of environments, including offices, warehouses, and retail spaces.

One of the standout features of the AP-4131 is its support for dual-band operation, enabling it to efficiently transmit and receive data across both 2.4 GHz and 5 GHz frequency bands. This dual-band functionality minimizes interference and allows for optimal performance even in densely populated areas with multiple wireless devices.

The AP-4131 employs the 802.11a/b/g/n standards, offering data rates of up to 300 Mbps. This capability ensures that users experience fast and reliable wireless connectivity, whether for bandwidth-intensive applications or simple web browsing. Additionally, its MIMO (Multiple Input Multiple Output) technology significantly enhances the signal quality and overall network performance, allowing more devices to connect simultaneously without degrading performance.

In terms of security, the AP-4131 provides advanced encryption protocols, including WPA2, to safeguard data transmission and mitigate the risk of unauthorized access. This emphasis on security is vital for organizations handling sensitive information and needing to protect their networks from potential threats.

The device is also equipped with Power over Ethernet (PoE) support, simplifying installation by allowing power and data to use a single cable. This feature enables flexible placement of the access point without the need for separate power sources, making it convenient for deployment in various locations.

Moreover, the AP-4131 features built-in management capabilities, allowing IT administrators to monitor and manage network performance easily. Its centralized management system facilitates the quick configuration of access points across the organization, streamlining maintenance and troubleshooting processes.

Another notable characteristic of the AP-4131 is its rugged design, built to withstand harsh environmental conditions. This makes it suitable for outdoor deployments or areas subject to extreme temperatures and conditions.

In summary, the Symbol Technologies AP-4131 is an advanced access point that combines dual-band performance, robust security features, and flexible deployment options, making it a valuable asset for businesses aiming to enhance their wireless networking capabilities. Its combination of cutting-edge technologies and reliable performance positions it as a top choice for organizations looking to build a strong, secure, and efficient wireless infrastructure.