Appendix D Wireless LANs

However, MD5 authentication has some weaknesses. Since the authentication server needs to get the plaintext passwords, the passwords must be stored. Thus someone other than the authentication server may access the password file. In addition, it is possible to impersonate an authentication server as MD5 authentication method does not perform mutual authentication. Finally, MD5 authentication method does not support data encryption with dynamic session key. You must configure WEP encryption keys for data encryption.

EAP-TLS (Transport Layer Security)

With EAP-TLS, digital certifications are needed by both the server and the wireless stations for mutual authentication. The server presents a certificate to the client. After validating the identity of the server, the client sends a different certificate to the server. The exchange of certificates is done in the open before a secured tunnel is created. This makes user identity vulnerable to passive attacks. A digital certificate is an electronic ID card that authenticates the sender’s identity. However, to implement EAP-TLS, you need a Certificate Authority (CA) to handle certificates, which imposes a management overhead.

EAP-TTLS (Tunneled Transport Layer Service)

EAP-TTLS is an extension of the EAP-TLS authentication that uses certificates for only the server-side authentications to establish a secure connection. Client authentication is then done by sending username and password through the secure connection, thus client identity is protected. For client authentication, EAPTTLS supports EAP methods and legacy authentication methods such as PAP, CHAP, MS-CHAP and MS-CHAP v2.

PEAP (Protected EAP)

Like EAP-TTLS, server-side certificate authentication is used to establish a secure connection, then use simple username and password methods through the secured connection to authenticate the clients, thus hiding client identity. However, PEAP only supports EAP methods, such as EAP-MD5, EAP-MSCHAPv2 and EAP-GTC (EAP-Generic Token Card), for client authentication. EAP-GTC is implemented only by Cisco.

LEAP

LEAP (Lightweight Extensible Authentication Protocol) is a Cisco implementation of IEEE 802.1X.

Dynamic WEP Key Exchange

The AP maps a unique key that is generated with the RADIUS server. This key expires when the wireless connection times out, disconnects or reauthentication times out. A new WEP key is generated each time reauthentication is performed.

FSG1100HN User’s Guide

149

Page 148 Page 150
Page 149
Image 149
ZyXEL Communications wireless active fiber router manual 149, EAP-TLS Transport Layer Security, Peap Protected EAP
Page 148 Page 150

wireless active fiber router specifications

ZyXEL Communications has made a significant impact in the networking industry with its innovative wireless active fiber routers, known for their robust performance and advanced features. These routers are tailored for both residential and small-to-medium business environments, providing high-speed internet access that leverages the power of fiber-optic technology.

One of the standout features of ZyXEL's wireless active fiber router is its support for ultra-fast broadband connections. By utilizing fiber optics, the router can deliver significantly higher data rates compared to traditional copper-based connections. This technology ensures that users can enjoy seamless video streaming, online gaming, and heavy downloading without interruptions.

The router boasts multiple Gigabit Ethernet ports, allowing for wired connections to devices that require a stable and high-speed internet connection. This is particularly advantageous for gamers and professionals who depend on low latency and reliability in their connection. The combination of both wired and wireless connectivity assures maximum flexibility in network setup.

Wireless performance is another highlight of ZyXEL's offering. Equipped with the latest Wi-Fi 6 technology, the router supports multi-user multiple input multiple output (MU-MIMO) and beamforming technologies. MU-MIMO enables the router to communicate with multiple devices simultaneously, improving overall network efficiency and throughput. Beamforming helps in directing the Wi-Fi signal towards connected devices rather than dispersing it evenly, enhancing coverage and speed in larger areas.

Security is a paramount concern for any networking device, and ZyXEL recognizes this with its advanced security features. The router includes WPA3 encryption, which offers enhanced protection against unauthorized access and ensures a secure connection for all devices on the network. Additional security features include a built-in firewall and support for VPN connections, providing users with peace of mind regarding their online privacy.

For ease of management, ZyXEL has integrated an intuitive web interface and a mobile app that allows users to monitor and control their network settings conveniently. Users can customize their network setup, manage connected devices, and even set parental controls to ensure a safe internet environment for children.

In summary, ZyXEL Communications’ wireless active fiber router stands out with its high-speed broadband capabilities, advanced wireless technologies, robust security features, and user-friendly management interface. These characteristics make it an ideal choice for those looking to enhance their home or business networking experience, ensuring reliable and fast internet access for all connected devices.
Top Page Image Contents