Wlan Security Features Supported By The Spu; Configuring An Access Security Policy - Huawei quidway s7700 Configuration Manual
Smart routing switch
Hide thumbs
Also See for quidway s7700:
- Configuration manual (833 pages) ,
- Configuration manual - ethernet (648 pages) ,
- Configuration manual - multicast (551 pages)
Table of Contents
Advertisement
Quidway S7700 Smart Routing Switch
Configuration Guide - SPU
5.2.2 WLAN Security Features Supported by the SPU
The SPU supports a variety of WLAN security features, including access security policy
management, station (STA) blacklist and whitelist management, and user isolation.
Access Security Policy Management
Access security policy management allows you to configure an authentication mode for WLAN
access users.
The SPU supports four access security policies: Wired Equivalent Privacy (WEP), Wi-Fi
Protected Access (WPA), WPA2, and WLAN Authentication and Privacy Infrastructure
(WAPI).
STA Blacklist and Whitelist Management
SPU can add STAs to the blacklist or whitelist to control STA access.
l
l
User Isolation
The user isolation function prevents wireless users associated with the same AP from forwarding
Layer 2 packets to each other, disabling these users from communicating directly.
On the SPU, you can configure user isolation in a service set and configure port isolation on a
WLAN-ESS interface to implement Layer 2 isolation between wireless users associated with
the same AP.
5.2.3 Configuring an Access Security Policy
By configuring an access security policy, you can specify the authentication mode to use when
users access WLAN devices according to the network plan.
Applicable Environment
WLAN channels are open to users, and malicious users can easily intercept, modify, and forward
data of authorized users. The WLAN technology provides security policies to prevent
unauthorized user access. You can select security policies on a WLAN based on the security
level.
l
l
Pre-configuration Tasks
Before configuring an access security policy, complete the following tasks:
l
Issue 01 (2011-07-15)
After the blacklist function is enabled, a STA in the blacklist cannot be associated with an
access point (AP) or access WLANs.
After the whitelist function is enabled, a STA in the whitelist can be associated with an AP
and access WLANs.
Wired Equivalent Privacy (WEP) is a security policy used earlier and has security risks. It
can be used in open scenarios that do not require high security, such as airports.
Wi-Fi Protected Access (WPA) and WLAN Authentication and Privacy Infrastructure
(WAPI) can provide higher security for devices.
Configuring basic AC attributes according to
Huawei Proprietary and Confidential
Copyright © Huawei Technologies Co., Ltd.
5 WLAN Configuration
5.1.3 Configuring Basic AC Attributes
188
Advertisement
Table of Contents
