Table of Contents
Advertisement
13 Wireless LAN
168
Setting network names
In contrast to a LAN set up over Ethernet, a wireless LAN does not have any cables for set-
ting up a permanent connection between the server and clients. Access violations or faults
may therefore occur with directly adjacent radio networks. To prevent this, every radio net-
work has a parameter that uniquely identifies the network and is comparable with a domain
name. Only clients with a network configuration that matches that of your device can com-
municate in this WLAN. The corresponding parameter is called the network name. In the
network environment, it is sometimes also referred to as the SSID.
Protection of wireless networks
As data can be transmitted over the air in the WLAN, this data can in theory be intercepted
and read by any attacker with the appropriate resources. Particular attention must therefore
be paid to protecting the wireless connection.
There are three security modes, WEP, WPA-PSK and WPA Enterprise. WPA Enterprise of-
fers the highest level of security, but this security mode is only really suitable for compan-
ies, because it requires a central authentication server. Private users should choose WEP
or preferably WPA-PSK with higher security as their security mode.
WEP
802.11 defines the security standard WEP (Wired Equivalent Privacy = encryption of data
with 40 bit (Security Mode =
this widely used WEP has proven susceptible to failure. However, a higher degree of se-
curity can only be achieved through hardware-based encryption which required additional
configuration (for example 3DES or AES). This permits even sensitive data from being
transferred via a radio path without fear of it being stolen.
IEEE 802.11i
Standard IEEE 802.11i for wireless systems contains basic security specifications for wire-
less networks, in particular with regard to encryption. It replaces the insecure WEP (Wired
Equivalent Privacy) with WPA (Wi-Fi Protected Access). It also includes the use of the ad-
vanced encryption standard (AES) to encrypt data.
WPA
WPA (Wi-Fi Protected Access) offers additional privacy by means of dynamic keys based
on the Temporal Key Integrity Protocol (TKIP), and offers PSK (preshared keys) or Extens-
ible Authentication Protocol (EAP) via 802.1x (e.g. RADIUS) for user authentication.
Authentication using EAP is usually used in large wireless LAN installations, as an authen-
Funkwerk Enterprise Communications GmbH
) or 104 bit (Security Mode =
). However,
R1xxx/R3xxx/R4xxx
Advertisement
Table of Contents
