Security Solutions
3-17
Designing Access Controls
Choose the Access Control Methods
provide access to even fewer network resources—such as a public printer and
an Internet connection. ACLs should prevent guests from accessing sensitive
network resources such as personnel files or financial data.
Wireless Zone Security Concerns
Because a wireless network is a shared medium, it requires different security
measures to protect transmissions from eavesdroppers. For example, it is
possible for an unauthorized user (“war driver”) to use a directional antenna
to pick up wireless signals from outside your company’s building. Depending
on the way your wireless network is set up, it may be possible to detect these
signals using a laptop in the parking lot next to a building.
Therefore, in addition to selecting a strong access control method, you must
specify an encryption method to protect wireless transmissions. The encryption
method should be strong enough to protect wireless transmissions against
highly motivated hackers.
The encryption methods are listed below from least to most secure:
■ WEP
■ WPA with Temporal Key Integrity Protocol (TKIP)
■ WPA/WPA2 with TKIP or Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) and Advanced Encryption Standard (AES) (CCMP-AES)
■ WPA2 with CCMP-AES
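To audit which of the tiers listed above your own access points actually advertise, the following added example (not part of the original guide) classifies a beacon by the cipher suites in its WPA and RSN (WPA2) information elements. The function names, the sample beacons built with `build_ie`, and the default policy minimum are assumptions made for illustration; the element IDs and cipher type codes come from the 802.11 and WPA specifications.

```python
import struct

TKIP, CCMP = 2, 4                          # cipher suite type codes (WPA and RSN IEs)
WPA_HDR = bytes.fromhex("0050f201")        # vendor OUI 00:50:F2, type 1 = WPA IE
RSN_OUI = bytes.fromhex("000fac")
# The page's ordering, least to most secure; index 0 (open) sits below the list.
TIERS = ["open", "WEP", "WPA with TKIP",
         "WPA/WPA2 with TKIP or CCMP-AES", "WPA2 with CCMP-AES"]

def pairwise_ciphers(body, default):
    """Pairwise cipher type codes from a WPA/RSN body (starts at the version field)."""
    if len(body) < 8:                      # optional fields omitted: spec default applies
        return {default}
    (count,) = struct.unpack_from("<H", body, 6)   # follows version + group suite
    suites = body[8:8 + 4 * count]
    if count == 0 or len(suites) < 4 * count:
        raise ValueError("malformed cipher suite list")
    return {suites[i + 3] for i in range(0, len(suites), 4)}

def classify(privacy_bit, ies):
    """Map one beacon (privacy capability bit, raw IE bytes) to an index into TIERS."""
    wpa = rsn = None
    pos = 0
    while pos + 2 <= len(ies):
        eid, length = ies[pos], ies[pos + 1]
        data = ies[pos + 2:pos + 2 + length]
        if len(data) < length:
            raise ValueError("truncated information element")
        if eid == 48:                      # RSN element, advertised by WPA2
            rsn = pairwise_ciphers(data, CCMP)
        elif eid == 221 and data[:4] == WPA_HDR:
            wpa = pairwise_ciphers(data[4:], TKIP)
        pos += 2 + length
    if wpa is None and rsn is None:
        return 1 if privacy_bit else 0     # privacy bit without WPA/RSN means WEP
    if rsn is None and wpa == {TKIP}:
        return 2
    if wpa is None and rsn == {CCMP}:
        return 4
    return 3                               # mixed mode, or TKIP still offered

def build_ie(eid, prefix, oui, ciphers):
    """Construct a sample WPA/RSN element for the demo (constructed data, PSK AKM)."""
    body = (prefix + b"\x01\x00" + oui + bytes([min(ciphers)])
            + struct.pack("<H", len(ciphers)) + b"".join(oui + bytes([c]) for c in ciphers)
            + b"\x01\x00" + oui + b"\x02")
    return bytes([eid, len(body)]) + body

def below_policy(beacons, minimum=4):
    """Return SSIDs whose advertised tier is weaker than the required minimum."""
    return [ssid for ssid, priv, ies in beacons if classify(priv, ies) < minimum]
```

An access point that offers TKIP alongside CCMP lands in the mixed tier, because clients may still negotiate the weaker cipher.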
Table 3-3 explains the authentication and encryption methods that are available
for wireless networks. (For more information about these methods, see
Chapter 1: “Access Control Concepts.”)