G-1000 User’s Guide

EAP-TLS (Transport Layer Security)

With EAP-TLS, digital certifications are needed by both the server and the wireless stations for mutual authentication. The server presents a certificate to the client. After validating the identity of the server, the client sends a different certificate to the server. The exchange of certificates is done in the open before a secured tunnel is created. This makes user identity vulnerable to passive attacks. A digital certificate is an electronic ID card that authenticates the sender’s identity. However, to implement EAP-TLS, you need a Certificate Authority (CA) to handle certificates, which imposes a management overhead.

EAP-TTLS (Tunneled Transport Layer Service)

EAP-TTLS is an extension of the EAP-TLS authentication that uses certificates for only the server-side authentications to establish a secure connection. Client authentication is then done by sending username and password through the secure connection, thus client identity is protected. For client authentication, EAP-TTLS supports EAP methods and legacy authentication methods such as PAP, CHAP, MS-CHAP and MS-CHAP v2.

PEAP (Protected EAP)

Like EAP-TTLS, server-side certificate authentication is used to establish a secure connection, then use simple username and password methods through the secured connection to authenticate the clients, thus hiding client identity. However, PEAP only supports EAP methods, such as EAP-MD5, EAP-MSCHAPv2 and EAP-GTC (EAP-Generic Token Card), for client authentication. EAP-GTC is implemented only by Cisco.

LEAP

LEAP (Lightweight Extensible Authentication Protocol) is a Cisco implementation of IEEE 802.1x.

Dynamic WEP Key Exchange

The AP maps a unique key that is generated with the RADIUS server. This key expires when the wireless connection times out, disconnects or reauthentication times out. A new WEP key is generated each time reauthentication is performed.

If this feature is enabled, it is not necessary to configure a default encryption key in the Wireless screen. You may still configure and store keys here, but they will not be used while Dynamic WEP is enabled.

Note: EAP-MD5 cannot be used with Dynamic WEP Key Exchange

Wireless LANs

165

Page 165
Image 165
ZyXEL Communications G-1000 EAP-TLS Transport Layer Security, EAP-TTLS Tunneled Transport Layer Service, Wireless LANs 165

G-1000 specifications

ZyXEL Communications G-1000 is a versatile network device that has gained attention in the realm of home and small office networking solutions. This device is a powerful gateway that seamlessly integrates various communication technologies, making it a reliable choice for users looking for enhanced connectivity, speed, and network management features.

One of the main features of the ZyXEL G-1000 is its dual-band wireless capability, which supports both 2.4 GHz and 5 GHz frequency bands. This allows users to connect multiple devices simultaneously without experiencing bandwidth congestion. The dual-band functionality enables smoother streaming, faster downloads, and better online gaming experiences, as users can choose the best band based on their device capabilities and distance from the router.

The G-1000 also incorporates advanced Wi-Fi 6 (802.11ax) technology, which significantly improves wireless performance compared to previous generations. Wi-Fi 6 offers enhanced data rates, improved efficiency, increased capacity for handling multiple devices, and better performance in crowded areas. This makes the ZyXEL G-1000 an ideal choice for households with numerous smart devices, such as smartphones, tablets, smart TVs, and home automation systems.

In terms of security, the ZyXEL G-1000 is equipped with robust security features that protect users from various cyber threats. The device supports WPA3 encryption, which offers stronger protection against unauthorized access and enhances overall network security. Additionally, advanced firewall features and parental controls allow users to manage access to the internet and protect their networks further.

Another notable characteristic of the G-1000 is its intuitive web interface and mobile app, which simplify network management. Users can easily monitor connected devices, set up guest networks, and modify network settings, all from a user-friendly dashboard. This level of accessibility ensures that even those with limited technical knowledge can effectively manage their home networking environment.

The ZyXEL G-1000 also boasts multiple Ethernet ports, providing the flexibility to connect wired devices for stable and high-speed connections. This is particularly advantageous for devices that require consistent bandwidth, such as gaming consoles and desktop computers.

In conclusion, ZyXEL Communications G-1000 stands out as a feature-rich networking solution that combines the latest technologies, robust security measures, and user-friendly management. Its advanced capabilities make it suitable for various networking needs, whether for home use or in small office environments. With its commitment to quality and innovation, ZyXEL continues to provide reliable solutions that enhance connectivity and user experience.