Novell LINUX ENTERPRISE SERVER 11 - ADMINISTRATION Administration Manual page 276


WPA-EAP needs a RADIUS server to authenticate users. EAP offers three different
methods for connecting and authenticating to the server: TLS (Transport Layer
Security), TTLS (Tunneled Transport Layer Security), and PEAP (Protected
Extensible Authentication Protocol). In a nutshell, these options work as follows:

EAP-TLS
TLS authentication relies on the mutual exchange of certificates for both
server and client. First, the server presents its certificate to the client where it
is evaluated. If the certificate is considered valid, the client in turn presents its
certificate to the server. While TLS is secure, it requires a working certification
management infrastructure in your network. This infrastructure is rarely found
in private networks.

EAP-TTLS and PEAP
Both TTLS and PEAP are two-stage protocols. In the first stage, a secure
connection is established and in the second the client authentication data is
exchanged. They require far less certification management overhead than TLS,
if any.

Encryption

There are various encryption methods to ensure that no unauthorized person can read
the data packets that are exchanged in a wireless network or gain access to the network:

WEP (defined in IEEE 802.11)
This standard makes use of the RC4 encryption algorithm, originally with a key
length of 40 bits, later also with 104 bits. Often, the length is declared as 64 bits
or 128 bits, depending on whether the 24 bits of the initialization vector are included.
However, this standard has some weaknesses. Attacks against the keys generated
by this system may be successful. Nevertheless, it is better to use WEP than to not
encrypt the network at all.

Some vendors have implemented the non-standard "Dynamic WEP". It works
exactly as WEP and shares the same weaknesses, except that the key is periodically
changed by a key management service.

TKIP (defined in WPA/IEEE 802.11i)
This key management protocol defined in the WPA standard uses the same
encryption algorithm as WEP, but eliminates its weakness. Because a new key is generated
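
For the EAP-TLS, EAP-TTLS and PEAP methods described on this page, the following added example (not part of the manual) checks wpa_supplicant-style network blocks for the settings each method relies on. It assumes the client is configured through wpa_supplicant; the REQUIRED table, the function names, and the sample SSIDs, identities and paths are assumptions made for illustration.

```python
import re

# Settings expected per EAP method (simplified: PEM files). ca_cert or ca_path
# lets the client evaluate the server certificate before credentials are sent.
REQUIRED = {
    "TLS": ["ca_cert|ca_path", "client_cert", "private_key"],
    "TTLS": ["ca_cert|ca_path", "identity"],
    "PEAP": ["ca_cert|ca_path", "identity"],
}

def parse_networks(text):
    """Return one {key: value} dict per network={...} block."""
    blocks = re.findall(r"network\s*=\s*\{(.*?)\n\s*\}", text, re.S)
    return [{k: v.strip().strip('"')
             for k, v in re.findall(r"^\s*(\w+)\s*=\s*(.+)$", body, re.M)}
            for body in blocks]

def audit(text):
    """Return (ssid, method, missing settings) for each WPA-EAP block."""
    findings = []
    for net in parse_networks(text):
        if "WPA-EAP" not in net.get("key_mgmt", "").split():
            continue
        for method in net.get("eap", "").upper().split():
            missing = [k for k in REQUIRED.get(method, [])
                       if not any(alt in net for alt in k.split("|"))]
            findings.append((net.get("ssid", "?"), method, missing))
    return findings

# Constructed sample configuration: SSIDs, identities and paths are made up.
SAMPLE = """
network={
    ssid="corp-tls"
    key_mgmt=WPA-EAP
    eap=TLS
    identity="host1@example.org"
    ca_cert="/etc/cert/ca.pem"
    client_cert="/etc/cert/host1.pem"
    private_key="/etc/cert/host1.key"
}
network={
    ssid="corp-peap"
    key_mgmt=WPA-EAP
    eap=PEAP
    identity="alice"
}
"""
if __name__ == "__main__":
    print(audit(SAMPLE))
```

The PEAP block in the sample is reported because it names no CA certificate, so the client has nothing to evaluate the server certificate against in the first stage.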


This manual is also suitable for:

Suse linux enterprise server 11
