Understanding Wag102 Wireless Security Options - NETGEAR WAG102 Reference Manual

Reference Manual for the NETGEAR ProSafe Dual Band Wireless Access Point WAG102

Understanding WAG102 Wireless Security Options

Your wireless data transmissions can be received well beyond your walls by anyone with a
compatible adapter. For this reason, use the security features of your wireless equipment. The
WAG102 Access Point provides highly effective security features which are covered in detail in
this chapter. Deploy the security features appropriate to your needs.
Figure 3-1
There are several ways you can enhance the security of your wireless network:
• Restrict Access Based on MAC address. You can restrict access to only trusted PCs so that
unknown PCs cannot wirelessly connect to the WAG102. MAC address filtering adds an
obstacle against unwanted access to your network, but the data broadcast over the wireless link
is fully exposed.
• Turn Off the Broadcast of the Wireless Network Name (SSID). If you disable broadcast of
the SSID, only devices that have the correct SSID can connect. This nullifies the wireless
network 'discovery' feature of some products such as Windows XP, but the data is still fully
exposed to a determined snoop using specialized test equipment like wireless sniffers.
• Use WEP. Wired Equivalent Privacy (WEP) data encryption provides data security. WEP
Shared Key authentication and WEP data encryption will block all but the most determined
eavesdropper.
• Use WPA or WPA-PSK. Wi-Fi Protected Access (WPA) data encryption provides data
security. The very strong authentication along with dynamic per frame rekeying of WPA make
it virtually impossible to compromise. Because this is a new standard, wireless device driver
and software availability may be limited.
3-4
v1.0, September 2005
Basic Installation and Configuration