D-Link DWL-3500AP - AirPremier Wireless Switching 108G Access Point Administrator's Manual page 41

Unified wired & wireless access system

Hide thumbs Also See for DWL-3500AP - AirPremier Wireless Switching 108G Access Point:

Configuration manual (61 pages)

Installation manual (56 pages)

Command reference manual (344 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

page of 166

/ 166
Contents
Table of Contents
Bookmarks

Table of Contents

64-bit (40-bit secret key + 24-bit initialization vector (IV)), 128-bit (104-bit secret key + 24-

bit IV), or 152-bit (128-bit secret key + 24-bit IV) Shared Key for data encryption.

Key Management

Static

WEP

uses a fixed key

that is provided by the

administrator. WEP keys are

indexed in different slots (up to

four on the access point).

The client stations must have

the same key indexed in the

same slot to access data on the

access point.

Recommendations

Static WEP was designed to provide the security equivalent of sending unencrypted data

through an Ethernet connection; however, it has major flaws and does not provide the intended

level of security.

Therefore, Static WEP is not recommended as a secure mode. The only time to use Static

WEP is when interoperability issues make it the only option available to you, and you are not

concerned with the potential of exposing the data on your network.

When to Use IEEE 802.1X

IEEE

802.1X

is the standard for passing the Extensible Authentication Protocol (EAP) over an

802.11 wireless network using a protocol called EAP Encapsulation Over LANs (EAPOL).

This is a newer, more secure standard than Static WEP.

Key Management

IEEE 802.1X provides

dynamically-generated keys

that are periodically refreshed.

There are different

keys for each station.

Recommendations

IEEE 802.1X mode is a better choice than Static WEP because keys are dynamically generated

and changed periodically. However, the encryption algorithm used is the same as that of Static

WEP and is therefore not as reliable as the more advanced encryption methods such as

Temporal Key Integrity Protocol

(WPA) or WPA2.

Additionally, compatibility issues may be cumbersome because of the variety of

authentication methods supported and the lack of a standard implementation method.

Therefore, IEEE 802.1X mode is not as secure a solution as

than using IEEE 802.1X mode is to use WPA Enterprise mode.

Encryption Algorithm

RC4

stream cipher is used

to encrypt the frame body and

cyclic redundancy checking

(CRC) of each 802.11 frame.

Encryption Algorithm

RC4

stream cipher is used

to encrypt the frame body and

cyclic redundancy checking

(CRC) of each 802.11 frame.

Unicast

(TKIP) and

4 Configuring Access Point Security

User Authentication

This protocol provides a

rudimentary form of user

authentication when the client

uses a shared key algorithm.

User Authentication

IEEE 802.1X mode supports a

variety of authentication

methods, like certificates,

Kerberos, and public key

authentication with a RADIUS

server.

AES-CCMP

used in Wi-Fi Protected Access

WPA

or WPA2. A better solution

Understanding Security on Wireless Networks

Table of Contents

Related Products for D-Link DWL-3500AP - AirPremier Wireless Switching 108G Access Point

This manual is also suitable for:

Dwl-8500ap

D-Link DWL-3500AP - AirPremier Wireless Switching 108G Access Point Administrator's Manual page 41

Related Manuals for D-Link DWL-3500AP - AirPremier Wireless Switching 108G Access Point

Related Products for D-Link DWL-3500AP - AirPremier Wireless Switching 108G Access Point

This manual is also suitable for:

Table of Contents