Specifications
6-3
Determining Security for Your Wireless Network
Security for Managing a RoamAbout AP
The RoamAbout R2 can be managed from the AP Manager, a Network Management
Station (NMS) using SNMP, the R2 console port, Telnet which accesses the console port
menu, and the R2 web interface.
Review these suggestions to maximize security when managing an R2:
• Determine which tools need to access the AP. The Telnet and web access can be
disabled as described in Configuring the Console Port for Security on page 6-24.
• If allowing Telnet and web access, change the password on a regular basis. The same
password is used for Telnet, web, and console port access.
• If allowing Telnet access, enable SSH for secure Telnet sessions and disable the Telnet
interface. (The R2 supports both Telnet and SSH access simultaneously.)
• If allowing web access, enable TLS for secure web sessions. Change the certificate on
a regular basis.
• If using the AP Manager or an NMS using SNMPv3, change the Authentication and
Privacy passwords on a regular basis.
• Set the SNMP, SNMPv2c, and SNMPv3 community names to allow read-write,
read-only, or no access for NMS systems.
• To prevent an NMS from accessing the AP but still allow the AP Manager access, set
SNMP Community Name #1 to public and disable the other community names.
The AP 2000 can be managed from the AP Manager, an NMS using SNMP, and the console
port. Review these suggestions to maximize security when managing an AP 2000:
• Enable the console password and change the SNMP read-write community name.
Users must enter the community name as the password to access the console menu.
• Set the SNMP community name to allow read-write, read-only, or no access for NMS
systems using SNMP.
NOTE: The RMON parameters and Aging Timer on the AP can only
be changed by an NMS.