Manualshelf

User's Manual

ManualsBrandsAirgo Networks ManualsElectronics802.11a/b/g WLAN
31323334353637383940
Table Of Contents
Wireless Security
Installation and User Guide: Airgo Wireless LAN Client Adapter 25
wireless communication standard, wireless security continues to evolve, as shortcomings of
existing security solutions are uncovered and new solutions are adopted.
The Airgo products provide a complete state-of-the-art security solution for 802.11 wireless
networks, using the native wireless support in Windows 2000 and Windows XP where appropriate.
Wireless security encompasses two major components: encryption and authentication. Encryption
is the means by which data transferred across the wireless link are protected from eavesdropping.
Authentication is the means by which the access point verifies the identity of your PC and your
identity, and confirms that you have permission to use the network.
Encryption
Encryption protects wireless data from being intercepted and deciphered during transmission, and
thereby assures the security of your data. Airgo supports several encryption options:
AES (Advanced Encryption Standard) — excellent financial-grade security
TKIP (Temporal Key Integrity Protocol) — good security, as an upgrade to legacy systems
WEP (Wired Equivalent Privacy) — minimal protection security, acceptable only for non-
critical data
Open or no encryption — no protection, use only for non-critical communications or with other
security protection such as https or VPN/IPsec for corporate communications
The latest and most effective encryption methods are part of the WPA (Wi-Fi Protected Access)
cipher suite and are recommended for all environments in which security is an important
consideration, whether in the enterprise, small office or home. WPA provides much more complete
protection against discovery of encryption keys than do the earlier WEP standards. WPA itself has
already spawned two generations of encryption technology, with AES being the latest and most
effective standard. TKIP is the encryption protocol that was first introduced with WPA, but it
provides less complete protection than does AES.
The original 802.11 wireless communication specification standard included WEP for wireless
security. Although still widely used today, WEP security does not provide adequate protection
against discovery of encryption keys, and may therefore be vulnerable to attack. Use WEP only in
cases where the access point does not support higher level security and security is a consideration in
your network design.
The WEP algorithm requires an encryption key, which is a code used in the encrypting and
decrypting of data. Although all WEP methods are vulnerable, 128-bit keys are somewhat more
difficult to decrypt than 64-bit keys. WEP provides the option of entering a key in ASCII (text) or
hexidecimal (numeric) format. ASCII keys are useful as a text passphrase, while hexidecimal keys
provide more protection and support for other devices. Key generation can be manual or automatic,
with automatically generated keys providing more protection.
Authentication
Effective authentication methods rely on manual distribution of shared or pre-shared authentication
keys or automatic generation of keys by use of a RADIUS (Remote Authentication Dial-In User
Service) server.
A shared or pre-shared key is an authentication string entered at the access point and client PCs.
Authentication takes place by matching the key stored in each PC with the key stored in the access
point.