User's Manual
Wireless Security
Although security is important in any network, the characteristics of wireless networks
can make them vulnerable to attack. Unlike wired networks, which require a physical
connection that can be secured with lock and key, wireless networks require only a radio
signal for communication, and physical barriers do not provide protection. A concern
since the introduction of the IEEE 802.11 wireless communication standard, wireless
security continues to evolve, as shortcomings of existing security solutions are uncovered
and new solutions are adopted.
Wireless security encompasses two major components: encryption and authentication.
Encryption is the means by which data transferred across the wireless link are protected
from eavesdropping. Authentication is the means by which the identity of your PC, your
own identity, or both are confirmed so that you have permission to use the network.
Authentication
This section provides an overview of authentication options. The most effective authentication
options available today are supported either through the Client Utility or by leveraging the
Microsoft Wi-Fi software implementations. For further information, see Client Utility Security
Options.
Effective authentication methods rely on manual distribution of shared or pre-shared
authentication keys or automatic generation of keys by a RADIUS (Remote
Authentication Dial-In User Service) server.
A shared or pre-shared key is an authentication string entered at the access point and
client PCs. Authentication takes place by matching the key stored in each PC with the
key stored in the access point.
Automatic key-generation methods rely upon digital certificates, which contain encoded
user and encryption information to verify the identity of a user and match it with a
database of secure user records. A certificate authority is the network service that
manages digital certificates and guarantees their integrity. The IEEE 802.1X standard
specifies certificate-based authentication using EAP (Extensible Authentication
Protocol). EAP, in turn, comes in numerous variations.
Most enterprises manage remote access to the certificate authority using a RADIUS
(Remote Authentication Dial-In User Service) server. In this arrangement, client PC users
install RADIUS client software on their local PCs to provide RADIUS server access.
Funk Software and Microsoft are the major suppliers of RADIUS client software.
For home or small office networks, shared or pre-shared keys can provide adequate
authentication without the burden of centralized management and control. A built-in
RADIUS security portal is provided in the Access Point to extend the management and
scalability features of centralized management to administrators in small-to-mid-sized
office environments.
Installation and User Guide: Wireless LAN Client Page 25 of 36