User guide
D-4 Glossary

Dynamic WEP
The IEEE introduced the concept of user-based authentication
using per-user encryption keys to solve the scalability issues that
surrounded static WEP. This resulted in the 802.1X standard,
which makes use of the IETF's Extensible Authentication Protocol
(EAP), which was originally designed for user authentication in
dial-up networks. The 802.1X standard supplemented the EAP
protocol with a mechanism to send an encryption key to a
Wireless AP. These encryption keys are used as dynamic WEP
keys, allowing traffic to each individual user to be encrypted using
a separate key.

EAP-TLS, EAP-TTLS
EAP-TLS: Extensible Authentication Protocol - Transport Layer
Security. A general protocol for authentication that also supports
multiple authentication methods, such as token cards, Kerberos,
one-time passwords, certificates, public key authentication and
smart cards. IEEE 802.1X specifies how EAP should be
encapsulated in LAN frames.
In wireless communications using EAP, a user requests
connection to a WLAN through an access point, which then
requests the identity of the user and transmits that identity to an
authentication server such as RADIUS. The server asks the
access point for proof of identity, which the access point gets from
the user and then sends back to the server to complete the
authentication.
EAP-TLS provides for certificate-based and mutual authentication
of the client and the network. It relies on client-side and
server-side certificates to perform authentication and can be used to
dynamically generate user-based and session-based WEP keys.
EAP-TTLS (Tunneled Transport Layer Security) is an extension of
EAP-TLS to provide certificate-based, mutual authentication of the
client and network through an encrypted tunnel, as well as to
generate dynamic, per-user, per-session WEP keys. Unlike
EAP-TLS, EAP-TTLS requires only server-side certificates.
(See also PEAP)

ELA (OPSEC)
Event Logging API (Application Program Interface) for OPSEC, a
module in Check Point used to enable third-party applications to
log events into the Check Point VPN-1/FireWall-1 management
system.

Encapsulation
See tunnelling.

ESS
Extended Service Set (ESS). Several Basic Service Sets (BSSs)
can be joined together to form one logical WLAN segment,
referred to as an extended service set (ESS). The SSID is used to
identify the ESS. (See BSS and SSID.)

FHSS
Frequency-Hopping Spread Spectrum. A transmission technology
used in Local Area Wireless Network (LAWN) transmissions
where the data signal is modulated with a narrowband carrier
signal that ‘hops’ in a random but predictable sequence from
frequency to frequency as a function of time over a wide band of
frequencies. This technique reduces interference. If synchronized
properly, a single logical channel is maintained. (Compare DSSS)