G-1000 User’s Guide

For added security, certificate-based authentications (EAP-TLS, EAP-TTLS and PEAP) use dynamic keys for data encryption. They are often deployed in corporate environments, but for public deployment, a simple user name and password pair is more practical. The following table is a comparison of the features of authentication types.

Table 68 Comparison of EAP Authentication Types

 

EAP-MD5

EAP-TLS

EAP-TTLS

PEAP

LEAP

 

 

 

 

 

 

Mutual Authentication

No

Yes

Yes

Yes

Yes

 

 

 

 

 

 

Certificate – Client

No

Yes

Optional

Optional

No

 

 

 

 

 

 

Certificate – Server

No

Yes

Yes

Yes

No

 

 

 

 

 

 

Dynamic Key Exchange

No

Yes

Yes

Yes

Yes

 

 

 

 

 

 

Credential Integrity

None

Strong

Strong

Strong

Moderate

 

 

 

 

 

 

Deployment Difficulty

Easy

Hard

Moderate

Moderate

Moderate

 

 

 

 

 

 

Client Identity Protection

No

No

Yes

Yes

No

 

 

 

 

 

 

WPA(2)

Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i standard. WPA 2 (IEEE 802.11i) is a wireless security standard that defines stronger encryption, authentication and key management than WPA.

Key differences between WPA(2) and WEP are improved data encryption and user authentication.

Encryption

Both WPA and WPA2 improve data encryption by using Temporal Key Integrity Protocol (TKIP), Message Integrity Check (MIC) and IEEE 802.1x. In addition to TKIP, WPA2 also uses Advanced Encryption Standard (AES) in the Counter mode with Cipher block chaining Message authentication code Protocol (CCMP) to offer stronger encryption.

Temporal Key Integrity Protocol (TKIP) uses 128-bit keys that are dynamically generated and distributed by the authentication server. It includes a per-packet key mixing function, a Message Integrity Check (MIC) named Michael, an extended initialization vector (IV) with sequencing rules, and a re-keying mechanism.

TKIP regularly changes and rotates the encryption keys so that the same encryption key is never used twice. The RADIUS server distributes a Pairwise Master Key (PMK) key to the AP that then sets up a key hierarchy and management system, using the pair-wise key to dynamically generate unique data encryption keys to encrypt every data packet that is wirelessly communicated between the AP and the wireless clients. This all happens in the background automatically.

WPA2 AES (Advanced Encryption Standard) is a block cipher that uses a 256-bit mathematical algorithm called Rijndael.

166

Wireless LANs

Page 166
Image 166
ZyXEL Communications G-1000 manual WPA2, Comparison of EAP Authentication Types, Wireless LANs

G-1000 specifications

ZyXEL Communications G-1000 is a versatile network device that has gained attention in the realm of home and small office networking solutions. This device is a powerful gateway that seamlessly integrates various communication technologies, making it a reliable choice for users looking for enhanced connectivity, speed, and network management features.

One of the main features of the ZyXEL G-1000 is its dual-band wireless capability, which supports both 2.4 GHz and 5 GHz frequency bands. This allows users to connect multiple devices simultaneously without experiencing bandwidth congestion. The dual-band functionality enables smoother streaming, faster downloads, and better online gaming experiences, as users can choose the best band based on their device capabilities and distance from the router.

The G-1000 also incorporates advanced Wi-Fi 6 (802.11ax) technology, which significantly improves wireless performance compared to previous generations. Wi-Fi 6 offers enhanced data rates, improved efficiency, increased capacity for handling multiple devices, and better performance in crowded areas. This makes the ZyXEL G-1000 an ideal choice for households with numerous smart devices, such as smartphones, tablets, smart TVs, and home automation systems.

In terms of security, the ZyXEL G-1000 is equipped with robust security features that protect users from various cyber threats. The device supports WPA3 encryption, which offers stronger protection against unauthorized access and enhances overall network security. Additionally, advanced firewall features and parental controls allow users to manage access to the internet and protect their networks further.

Another notable characteristic of the G-1000 is its intuitive web interface and mobile app, which simplify network management. Users can easily monitor connected devices, set up guest networks, and modify network settings, all from a user-friendly dashboard. This level of accessibility ensures that even those with limited technical knowledge can effectively manage their home networking environment.

The ZyXEL G-1000 also boasts multiple Ethernet ports, providing the flexibility to connect wired devices for stable and high-speed connections. This is particularly advantageous for devices that require consistent bandwidth, such as gaming consoles and desktop computers.

In conclusion, ZyXEL Communications G-1000 stands out as a feature-rich networking solution that combines the latest technologies, robust security measures, and user-friendly management. Its advanced capabilities make it suitable for various networking needs, whether for home use or in small office environments. With its commitment to quality and innovation, ZyXEL continues to provide reliable solutions that enhance connectivity and user experience.