Security Solutions
3-137
Designing Access Controls
Lay Out the Network
You should also verify that your wireless PEPs support your chosen access
control and encryption methods. All ProCurve wireless devices support all
encryption options, and the Wireless Edge Services Module supports all three
access control methods. As you can see in Table 3-110, the AP 420 and AP 530
do not support Web-Auth, so this access control method must be implemented
at the switch port.
For full details on each product, visit http://www.hp.com/rnd/products/wire-
less/index.htm.
Table 3-110. Authentication and Encryption Supported by ProCurve Wireless
Products
Note
ProCurve Networking periodically updates the software on APs, Wireless Edge
Services Modules, and switches. Check the ProCurve Web site at
http://
www.hp.com/rnd/products/wireless/index.htm
to see if there is a newer ver-
sion of software, which delivers new capabilities for these wireless products.
Choose Switches. A Wireless Edge Services xl Module is installed in a
Switch 5300xl, and a Wireless Edge Services zl Module in a Switch 5400zl or
Switch 8200zl.
ProCurve Product Software
Version
Authentication
Methods
Dynamic Settings EAP Method for
802.1X
Encryption Methods
Wireless Edge
Services zl
Module
WS.02.02 • MAC-Auth
•Web-Auth
• 802.1X
•VLAN
•ACL
• Rate limit
•QoS
Any • WEP
• WPA/WPA2:
–TKIP
–AES
Wireless Edge xl
Services Module
WS.02.07 • MAC-Auth
•Web-Auth
• 802.1X
•VLAN
•ACL
• Rate limit
•QoS
Any • WEP
• WPA/WPA2:
–TKIP
–AES
AP 530 WA.01.19 • MAC-Auth
•Web-Auth
•VLAN
•ACL
• Rate limit
Any • WEP
• WPA/WPA2:
–TKIP
–AES
AP 420 2.2.1 • MAC-Auth
• 802.1X
VLAN • EAP-MD5
•EAP-TLS
•EAP-TTLS
•PEAP
•WEP
• WPA/WPA2:
–TKIP
–AES