Manualshelf

User's Manual Part 3

ManualsBrandsCascade Networks ManualsElectronicsMotorola Canopy compatible Wireless Internet Acces
71727374757677787980
Release8OperationsGuide
Issue2,November2007 Draft5forRegula toryReview 375
22 SECURINGYOURNETWORK
22.1 ISOLATINGAPSFROMTHEINTERNET
Ensure that the IP addresses of the APs in your network
are not routable over the Internet.
do not share the subnet of the IP address of your user.
RFC 1918, Address Allocation for Private Subnets, reserves for private IP networks three
blocks of IP addresses that are not routable over the Internet:
/8 subnets have one reserved network, 10.0.0.0 to 10.255.255.255.
/16 subnets have 16 reserved networks, 172.16.0.0 to 172.31.255.255.
/24 subnets have 256 reserved networks, 192.168.0.0 to 192.168.255.255.
22.2 ENCRYPTINGCYCLONERADIOTRANSMISSIONS
Cyclone systems employ the following forms of encryption for security of the wireless link:
BRAID–a security scheme that the cellular industry uses to authenticate wireless
devices.
DES–Data Encryption Standard, an over-the-air link option that uses secret
56-bit keys and 8 parity bits.
AES–Advanced Encryption Standard, an extra-cost over-the-air link option that
provides extremely secure wireless connections. AES uses 128-bit secret keys
as directed by the government of the U.S.A. AES is not exportable and requires
a special AP to process the large keys.
BRAID is a stream cipher that the TIA (Telecommunications Industry Association) has
standardized. Standard Cyclone APs and SMs use BRAID encryption to
calculate the per-session encryption key (independently) on each end of a link.
provide the digital signature for authentication challenges.
22.2.1 DESEncryption
Standard Cyclone modules provide DES encryption. DES performs a series of bit
permutations, substitutions, and recombination operations on blocks of data.
DES Encryption does not affect the performance or throughput of the system.
22.2.2 AESEncryption
Last Mile Gear also offers Cyclone products that provide AES encryption. AES uses the
Rijndael algorithm and 128-bit keys to establish a higher level of security than DES.
Because of this higher level of security, the government of the U.S.A. controls the export
of communications products that use AES (among which the Cyclone AES feature
activation key is one) to ensure that these products are available in only certain regions
and by special permit.