Novell LINUX ENTERPRISE DESKTOP 10 SP2 - DEPLOYMENT GUIDE 08-05-2008 Deployment Manual page 583


terprises. In private networks, it is scarcely used. For this reason, WPA-EAP is
sometimes referred to as WPA "Enterprise".
WPA-EAP needs a RADIUS server to authenticate users. EAP offers three different
methods for connecting and authenticating to the server: TLS (Transport Layer
Security), TTLS (Tunneled Transport Layer Security), and PEAP (Protected
Extensible Authentication Protocol). In a nutshell, these options work as follows:
EAP-TLS
TLS authentication relies on the mutual exchange of certificates for both
server and client. First, the server presents its certificate to the client, where it
is evaluated. If the certificate is considered valid, the client in turn presents its
certificate to the server. While TLS is secure, it requires a working certificate
management infrastructure in your network. This infrastructure is rarely found
in private networks.
EAP-TTLS and PEAP
Both TTLS and PEAP are two-stage protocols. In the first stage, a secure connection
is established, and in the second one the client authentication data is exchanged.
They require far less certificate management overhead than TLS, if any.
Encryption
There are various encryption methods to ensure that no unauthorized person can read
the data packets that are exchanged in a wireless network or gain access to the network:
WEP (defined in IEEE 802.11)
This standard makes use of the RC4 encryption algorithm, originally with a key
length of 40 bits, later also with 104 bits. Often, the length is declared as 64 bits
or 128 bits, depending on whether the 24 bits of the initialization vector are included.
However, this standard has some weaknesses. Attacks against the keys generated
by this system may be successful. Nevertheless, it is better to use WEP than not
to encrypt the network at all.
TKIP (defined in WPA/IEEE 802.11i)
This key management protocol defined in the WPA standard uses the same
encryption algorithm as WEP, but eliminates its weakness. Because a new key is generated
for every data packet, attacks against these keys are in vain. TKIP is used together
with WPA-PSK.
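The certificate handling described for EAP-TLS, EAP-TTLS and PEAP, and the note on WEP, can be checked on a client. The following is an added example, not part of the manual: it assumes the client is configured through a wpa_supplicant.conf file (not named on this page) and audits a constructed sample for EAP networks that never evaluate the server certificate, EAP-TLS entries without a client certificate, and WEP keys.

```python
import re

# Constructed sample in wpa_supplicant.conf syntax; SSIDs and paths are made up.
SAMPLE_CONF = '''
network={
    ssid="corp-tls"
    key_mgmt=WPA-EAP
    eap=TLS
    ca_cert="/etc/cert/ca.pem"
    client_cert="/etc/cert/user.pem"
    private_key="/etc/cert/user.key"
}
network={
    ssid="corp-peap"
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="user"
    phase2="auth=MSCHAPV2"
}
network={
    ssid="legacy-wep"
    key_mgmt=NONE
    wep_key0="abcde"
}
'''

def parse_networks(text):
    """Return one dict of settings per network={...} block."""
    nets = []
    for body in re.findall(r"network=\{(.*?)\n\}", text, re.S):
        pairs = re.findall(r"^\s*(\w+)=(.*?)\s*$", body, re.M)
        nets.append({k: v.strip('"') for k, v in pairs})
    return nets

def audit(net):
    """List the weaknesses of one network block."""
    issues = []
    eap = net.get("eap", "").upper().split()
    if "WPA-EAP" in net.get("key_mgmt", "") and not any(
            k in net for k in ("ca_cert", "ca_path")):
        issues.append("server certificate is not validated (no ca_cert)")
    if "TLS" in eap and not {"client_cert", "private_key"}.issubset(net):
        issues.append("EAP-TLS without client certificate and key")
    if any(k.startswith("wep_key") for k in net):
        issues.append("WEP key configured")
    return issues

def audit_config(text):
    return {n.get("ssid", "?"): audit(n) for n in parse_networks(text)}
```
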