Configuring Ssid Authentication And Encryption - Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING SCREENOS DEVICES GUIDE REV 01 Manual

Related
Documentation

Configuring SSID Authentication and Encryption

Copyright © 2010, Juniper Networks, Inc.
Table 88: Wireless General SSID Settings
Parameters Your Action
Name Specify a name that uniquely identifies the BSS. The device uses the
SSID name to distinguish the interface to route wireless traffic to. For
enhanced security, do not assign the SSID a meaningful name that an
attacker might be able to determine through reconnaissance, such as
the department or location of the WAP. You can also make the name
difficult to guess by using a mix of upper- and lowercase letters, numbers,
and symbols. When the SSID name contains one or more spaces, enclose
the name within quotation marks.
Suppressing Select so the device does not display the SSID name in broadcasts.
Transmission of SSID Because the name is not broadcast, attackers must work harder to
Information obtain the SSID name.
Isolation of Clients on Select to prevent wireless clients on the same subnetwork (SSID) from
the Same SSID communicating directly with each other and bypassing the security
device.
Wireless Interface Select the wireless interface (wireless 1 or wireless 2) that handles traffic
for the SSID. The device routes all wireless traffic with the specified
SSID name through this interface.
Virtual Routers Overview on page 296
Configuring General Wireless Settings on page 382
Configuring Advanced Wireless Settings on page 385
Configuring Wireless MAC Access Lists on page 389
Configuring SSID Authentication and Encryption on page 391
Reactivating Wireless Connections on page 396
Each SSID can use specific authentication and encryption settings, enabling you to
configure differing levels of security for different resources. By default, the
authentication/encryption is set to none; we strongly recommend that you select one
of the supported authentication/encryption methods. The NetScreen-5GT Wireless
device supports WEP and WPA authentication and encryption methods; to ensure the
highest level of security we recommend that you select WPA as your
authentication/encryption method.
The Wired Equivalent Privacy (WEP) uses the Rivest Cipher 4 (RC4) stream cipher
algorithm to encrypt and decrypt data as it travels over the wireless link. You can store
WEP keys locally on the security device or externally on an external authentication server.
Wireless network users store one or more of the same keys on their systems and identify
them with the same ID numbers. For details on configuring WEP, see "Configuring Wired
Equivalent Privacy" on page 392.
Chapter 14: WAN, ADSL, Dial, and Wireless
391