User's Manual
Table Of Contents
- Device Types
- Shipping Package Contents
- System Requirements
- Inserting and Removing the Wireless LAN Client Adapter
- Installing the Wireless LAN Client Adapter Driver and Client Utility
- Custom Installation
- Uninstalling the Client Utility and Drivers
- Service Set Identifiers
- Wireless Bands and Channels
- Client Utility Overview
- Accessing the Client Utility
- Navigating the User Interface
- Scanning for Available Networks
- Working with Profiles
- Wireless Security
802.11 wireless communication standard, wireless security continues to evolve, as shortcomings
of existing security solutions are uncovered and new solutions are adopted.
Wireless security encompasses two major components: encryption and authentication.
Encryption provides a mechanism for protecting data transferred across the wireless link from
eavesdropping. Authentication provides a mechanism so that the identity of your PC or your
identity, or both, are confirmed so that you may gain access to the network.
Authentication
Effective authentication methods rely on manual distribution of shared or pre-shared
authentication keys or automatic generation of keys by a RADIUS (Remote Authentication Dial-
In User Service) server.
A shared or pre-shared key is an authentication string entered at the access point and client PCs.
Authentication takes place by matching the key stored in each PC with the key stored in the
access point.
Automatic key-generation methods rely upon digital certificates, which contain encoded user and
encryption information to verify the identity of a user and match it with a database of secure user
records. A certificate authority is the network service that manages digital certificates and
guarantees their integrity. The IEEE 802.1X standard specifies certificate-based authentication
using EAP (Extensible Authentication Protocol). EAP, in turn, comes in numerous variations.
Most enterprises manage remote access to the certificate authority using a RADIUS (Remote
Authentication Dial-In User Service) server. In this arrangement, client PC users install RADIUS
client software on their local PCs to provide RADIUS server access. Funk Software and
Microsoft are the major suppliers of RADIUS client software.
For home or small office networks, shared or pre-shared keys can provide adequate
authentication without the burden of centralized management and control. A built-in RADIUS
security portal is provided in some Access Points to extend the management and scalability
features of centralized management to administrators in small-to-mid sized office environments.
Encryption
Encryption protects wireless data from being intercepted and deciphered during transmission,
and thereby assures the security of your data. The Client Adapter is compatible with the
following options:
AES (Advanced Encryption Standard) -- Excellent, financial-grade security.
TKIP (Temporal Key Integrity Protocol) -- Good security, used as an enhancement for legacy systems.
WEP (Wired Equivalent Privacy) -- Minimal security, acceptable for non-critical data.
Open or no encryption -- No protection, use for non-critical communications or in conjunction with other
security protocols such as https or VPN/IPsec for corporate communications.
The most effective encryption/authentication methods are part of the WPA (Wi-Fi Protected
Access) cipher suite and are recommended for all environments in which security is an important
consideration, whether in the enterprise, small office or home. WPA provides much more
complete protection against discovery of encryption keys than does the WEP standards. WPA
has progressed through two generations of encryption technology to date, with AES being the
Installation and User Guide: Wireless LAN Client Page 37 of 46