User's Manual
7 Managing Security
136 Installation and Configuration Guide: Airgo Access Point
Figure 101: Elements of Airgo Security
AP Security
Airgo provides a highly secure process to enroll access points. Three distinct levels of identification
verify the AP: Device ID, Thumbprint, and a bootstrap password unique to the AP. To assure
central control of the verification process, it is recommended that a single enrollment server handle
enrollment for the entire wireless network. The architecture supports two enrollment server
options:
• AP Enrollment Server—Designate an NM Portal AP as the enrollment server for the network.
For instructions, see Chapter 9, “Managing the Network.”
• NMS Pro—The NMS Pro network management system, offered as a separate product, operates
as a complete enrollment solution for the enterprise. In addition to supporting manual AP
enrollment, NMS Pro includes automatic AP pre-enrollment by way of a bar code reader
interface. For information on using NMS Pro, see the NMS Pro Installation and Configuration
Guide.
Administrative Security
SSH, https, and SNMPv3 are used for secure administrative access to the AP.
User Security
Acceptable and effective solutions for user authentication depend upon the network size,
complexity, and existing authentication infrastructure.
Users Security
• All WPA Modes
• EAP-TLS, -PEAP, -PSK
• AES, TKIP or WEP Encryption
A0047
AP Security
• Secure AP Enrollment
• Batch or One-Click
• Certificates & Password
Admin Security
• Admin & Operator
• Username, Password
• SSH, HTTPS, SNMPv3
Guest Security
• Password or Custom Access Control
• Guest-VLAN for Internet Access
• Session Management
Guest Security
User Security
Admin Security
AP
Security