Appendix E Wireless LANs
Wireless security methods available on the ZyWALL are data encryption, wireless client authentication, restricting access by device MAC address and hiding the ZyWALL identity.
The following figure shows the relative effectiveness of these wireless security methods available on your ZyWALL.
Table 273 Wireless Security Levels
SECURITY | SECURITY TYPE | |
LEVEL | ||
| ||
Least | Unique SSID (Default) | |
Secure |
| |
Unique SSID with Hide SSID Enabled | ||
|
| |
| MAC Address Filtering | |
|
| |
| WEP Encryption | |
|
| |
| IEEE802.1x EAP with RADIUS Server Authentication | |
|
| |
| ||
Most Secure |
| |
WPA2 | ||
|
|
"You must enable the same wireless security settings on the ZyWALL and on all wireless clients that you want to associate with it.
IEEE 802.1x
In June 2001, the IEEE 802.1x standard was designed to extend the features of IEEE 802.11 to support extended authentication as well as providing additional accounting and control features. It is supported by Windows XP and a number of network devices. Some advantages of IEEE 802.1x are:
•User based identification that allows for roaming.
•Support for RADIUS (Remote Authentication Dial In User Service, RFC 2138, 2139) for centralized user profile and accounting management on a network RADIUS server.
•Support for EAP (Extensible Authentication Protocol, RFC 2486) that allows additional authentication methods to be deployed with no changes to the access point or the wireless clients.
RADIUS
RADIUS is based on a
•Authentication
Determines the identity of the users.
•Authorization
746 |
| |
ZyWALL 2WG User’s Guide |
| |
|
|
|