ZyXEL Communications NWA3560-N User Manual page 295
Nwa3000-n series wireless n business wlan 3000 series access point
Hide thumbs
Also See for NWA3560-N:
- Quick start manual (2 pages) ,
- User manual (358 pages) ,
- Specifications (4 pages)
Table of Contents
Advertisement
I f t his feat ure is enabled, it is not necessary t o configure a default encrypt ion key in t he wireless
securit y configurat ion screen. You m ay st ill configure and st ore keys, but t hey will not be used while
dynam ic WEP is enabled.
Not e: EAP- MD5 cannot be used wit h Dynam ic WEP Key Exchange
For added securit y, cert ificat e- based aut hent icat ions ( EAP-TLS, EAP-TTLS and PEAP) use dynam ic
keys for dat a encrypt ion. They are oft en deployed in corporat e environm ent s, but for public
deploym ent , a sim ple user nam e and password pair is m ore pract ical. The following t able is a
com parison of t he feat ures of aut hent icat ion t ypes.
Table 117 Com parison of EAP Aut hent icat ion Types
Mut ual Aut hent icat ion
Cert ificat e – Client
Cert ificat e – Server
Dynam ic Key Exchange
Credent ial I nt egrit y
Deploym ent Difficult y
Client I dent it y Prot ect ion
WPA and WPA2
Wi- Fi Prot ect ed Access ( WPA) is a subset of t he I EEE 802.11i st andard. WPA2 ( I EEE 802.11i) is a
wireless securit y st andard t hat defines st ronger encrypt ion, aut hent icat ion and key m anagem ent
t han WPA.
Key differences bet ween WPA or WPA2 and WEP are im proved dat a encrypt ion and user
aut hent icat ion.
I f bot h an AP and t he wireless client s support WPA2 and you have an ext ernal RADI US server, use
WPA2 for st ronger dat a encrypt ion. I f you don't have an ext ernal RADI US server, you should use
WPA2- PSK ( WPA2- Pre- Shared Key) t hat only requires a single ( ident ical) password ent ered int o
each access point , wireless gat eway and wireless client . As long as t he passwords m at ch, a wireless
client will be grant ed access t o a WLAN.
I f t he AP or t he wireless client s do not support WPA2, j ust use WPA or WPA- PSK depending on
whet her you have an ext ernal RADI US server or not .
Select WEP only when t he AP and/ or wireless client s do not support WPA or WPA2. WEP is less
secure t han WPA or WPA2.
Encryption
WPA im proves dat a encrypt ion by using Tem poral Key I nt egrit y Prot ocol ( TKI P) , Message I nt egrit y
Check ( MI C) and I EEE 802.1x. WPA2 also uses TKI P when required for com pat ibilit y reasons, but
offers st ronger encrypt ion t han TKI P wit h Advanced Encrypt ion St andard ( AES) in t he Count er
m ode wit h Cipher block chaining Message aut hent icat ion code Prot ocol ( CCMP) .
TKI P uses 128- bit keys t hat are dynam ically generat ed and dist ribut ed by t he aut hent icat ion server.
AES ( Advanced Encrypt ion St andard) is a block cipher t hat uses a 256- bit m at hem at ical algorit hm
NWA3000-N Series User's Guide
EAP-MD5
EAP-TLS
No
Yes
No
Yes
No
Yes
No
Yes
None
St rong
Easy
Hard
No
No
Appendix C Wireless LANs
EAP-TTLS
PEAP
Yes
Yes
Opt ional
Opt ional
Yes
Yes
Yes
Yes
St rong
St rong
Moderat e
Moderat e
Yes
Yes
LEAP
Yes
No
No
Yes
Moderat e
Moderat e
No
295
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
