Manualshelf

Specifications

ManualsBrandsExtreme Networks ManualsComputer equipmentAltitude 4700 Series
191192193194195196197198199200
Altitude 4700 Series Access Point Product Reference Guide
197
CHAPTER
6
Configuring Access Point
Security
Security measures for the access point and its WLANs are critical. Use the available access point
security options to protect the access point LAN from wireless vulnerabilities, and safeguard the
transmission of RF packets between the access point and its associated MUs.
WLAN security can be configured on an ESS by ESS basis on the access point. Sixteen separate ESSIDs
(WLANs) can be supported on an access point, and must be managed (if necessary) between the
802.11a/n and 802.11b/g/n radio. The user has the capability of configuring separate security policies
for each WLAN. Each security policy can be configured based on the authentication (Kerberos, 802.1x
EAP) or encryption (WEP, KeyGuard, WPA/TKIP or WPA2/CCMP) scheme best suited to the coverage
area that security policy supports.
The access point can also create VPN tunnels to securely route traffic through a IPSEC tunnel and block
transmissions with devices interpreted as Rogue APs.
NOTE
Security for the access point can be configured in various locations throughout the access point menu
structure. This chapter outlines the security options available to the access point, and the menu locations and steps
required to configure specific security measures.
Configuring Security Options
To configure the data protection options available on the access point, refer to the following:
To set an administrative password for secure access point logins, see “Setting Passwords” on
page 198.
To display security policy screens used to configure the authentication and encryption schemes
available to the access point, see “Enabling Authentication and Encryption Schemes” on page 200.
These security policies can be used on more than one WLAN.
To create a security policy supporting 802.1x EAP, see “Configuring 802.1x EAP Authentication” on
page 204.
To define a security policy supporting Kerberos, see, “Configuring Kerberos Authentication” on
page 202.
To create a security policy supporting WEP, see “Configuring WEP Encryption” on page 208.