Appendix D Wireless LANs

TKIP regularly changes and rotates the encryption keys so that the same encryption key is never used twice. The RADIUS server distributes a Pairwise Master Key (PMK) key to the AP that then sets up a key hierarchy and management system, using the pair-wise key to dynamically generate unique data encryption keys to encrypt every data packet that is wirelessly communicated between the AP and the wireless clients. This all happens in the background automatically.

WPA2 AES (Advanced Encryption Standard) is a block cipher that uses a 256-bit mathematical algorithm called Rijndael.

The Message Integrity Check (MIC) is designed to prevent an attacker from capturing data packets, altering them and resending them. The MIC provides a strong mathematical function in which the receiver and the transmitter each compute and then compare the MIC. If they do not match, it is assumed that the data has been tampered with and the packet is dropped.

By generating unique data encryption keys for every data packet and by creating an integrity checking mechanism (MIC), TKIP makes it much more difficult to decode data on a Wi-Fi network than WEP, making it difficult for an intruder to break into the network.

The encryption mechanisms used for WPA and WPA-PSK are the same. The only difference between the two is that WPA-PSK uses a simple common password, instead of user-specific credentials. The common-password approach makes WPAPSK susceptible to brute-force password-guessing attacks but it's still an improvement over WEP as it employs an easier-to-use, consistent, single, alphanumeric password.

User Authentication

WPA or WPA2 applies IEEE 802.1x and Extensible Authentication Protocol (EAP) to authenticate wireless clients using an external RADIUS database.

If both an AP and the wireless clients support WPA2 and you have an external RADIUS server, use WPA2 for stronger data encryption. If you don't have an external RADIUS server, you should use WPA2 -PSK (WPA2 -Pre- Shared Key) that only requires a single (identical) password entered into each access point, wireless gateway and wireless client. As long as the passwords match, a wireless client will be granted access to a WLAN.

If the AP or the wireless clients do not support WPA2, just use WPA or WPA- PSK depending on whether you have an external RADIUS server or not.

Select WEP only when the AP and/or wireless clients do not support WPA or WPA2. WEP is less secure than WPA or WPA2.

FSG1100HN User’s Guide

151

Page 151
Image 151
ZyXEL Communications wireless active fiber router manual 151, User Authentication

wireless active fiber router specifications

ZyXEL Communications has made a significant impact in the networking industry with its innovative wireless active fiber routers, known for their robust performance and advanced features. These routers are tailored for both residential and small-to-medium business environments, providing high-speed internet access that leverages the power of fiber-optic technology.

One of the standout features of ZyXEL's wireless active fiber router is its support for ultra-fast broadband connections. By utilizing fiber optics, the router can deliver significantly higher data rates compared to traditional copper-based connections. This technology ensures that users can enjoy seamless video streaming, online gaming, and heavy downloading without interruptions.

The router boasts multiple Gigabit Ethernet ports, allowing for wired connections to devices that require a stable and high-speed internet connection. This is particularly advantageous for gamers and professionals who depend on low latency and reliability in their connection. The combination of both wired and wireless connectivity assures maximum flexibility in network setup.

Wireless performance is another highlight of ZyXEL's offering. Equipped with the latest Wi-Fi 6 technology, the router supports multi-user multiple input multiple output (MU-MIMO) and beamforming technologies. MU-MIMO enables the router to communicate with multiple devices simultaneously, improving overall network efficiency and throughput. Beamforming helps in directing the Wi-Fi signal towards connected devices rather than dispersing it evenly, enhancing coverage and speed in larger areas.

Security is a paramount concern for any networking device, and ZyXEL recognizes this with its advanced security features. The router includes WPA3 encryption, which offers enhanced protection against unauthorized access and ensures a secure connection for all devices on the network. Additional security features include a built-in firewall and support for VPN connections, providing users with peace of mind regarding their online privacy.

For ease of management, ZyXEL has integrated an intuitive web interface and a mobile app that allows users to monitor and control their network settings conveniently. Users can customize their network setup, manage connected devices, and even set parental controls to ensure a safe internet environment for children.

In summary, ZyXEL Communications’ wireless active fiber router stands out with its high-speed broadband capabilities, advanced wireless technologies, robust security features, and user-friendly management interface. These characteristics make it an ideal choice for those looking to enhance their home or business networking experience, ensuring reliable and fast internet access for all connected devices.