Manualshelf

Specifications

ManualsBrandsExtreme Networks ManualsComputer equipmentAltitude 3500 Series
161162163164165166167168169170
Altitude 3500 Series Access Point Product Reference Guide
169
CHAPTER
6
Configuring Access Point
Security
Security measures for the Altitude 35xx and its WLANs are critical. Use the available Altitude 35xx
security options to protect the Altitude 35xx LAN from wireless vulnerabilities, and safeguard the
transmission of RF packets between the Altitude 35xx and its associated MUs.
WLAN security can be configured on an ESS by ESS basis on the Altitude 35xx. Sixteen separate ESSIDs
(WLANs) can be supported on an Altitude 35xx, and must be managed (if necessary) between the
802.11a and 802.11b/g radio. The user has the capability of configuring separate security policies for
each WLAN. Each security policy can be configured based on the authentication (Kerberos, 802.1x EAP)
or encryption (WEP, KeyGuard, WPA/TKIP or WPA2/CCMP) scheme best suited to the coverage area
that security policy supports.
The Altitude 35xx can also create VPN tunnels to securely route traffic through a IPSEC tunnel and
block transmissions with devices interpreted as Rogue APs.
NOTE
Security for the Altitude 35xx can be configured in various locations throughout the Altitude 35xx menu
structure. This chapter outlines the security options available to the Altitude 35xx, and the menu locations and steps
required to configure specific security measures.
Configuring Security Options
To configure the data protection options available on the Altitude 35xx, refer to the following:
To set an administrative password for secure Altitude 35xx logins, see “Setting Passwords” on
page 170.
To display security policy screens used to configure the authentication and encryption schemes
available to the Altitude 35xx, see “Enabling Authentication and Encryption Schemes” on page 172.
These security policies can be used on more than one WLAN.
To create a security policy supporting 802.1x EAP, see “Configuring 802.1x EAP Authentication” on
page 176.
To define a security policy supporting Kerberos, see, “Configuring Kerberos Authentication” on
page 174.
To create a security policy supporting WEP, see “Configuring WEP Encryption” on page 179.