System information
Wireless Security Configuration
Wireless Security Overview
Security Mechanism Client Support Implementation Considerations
MAC Address Filtering Uses the MAC address of client
network card
WPA with 802.1X Requires WPA-enabled system and
network card driver
(native support provided in
Windows XP)
WPA PSK Mode Requires WPA-enabled system and
network card driver
(native support provided in
Windows XP)
WPA2 with 802.1X Requires WPA-enabled system and
network card driver
(native support provided in
Windows XP)
WPA2 PSK Mode Requires WPA-enabled system and
network card driver
(native support provided in
Windows XP)
• Provides only weak user authentication
• Management of authorized MAC addresses
• Can be combined with other methods for improved
security
• Optional configured RADIUS server
• Provides robust security in WPA-only mode
• Offers support for legacy WEP clients, but with
increased security risk
• Requires configured RADIUS server
• 802.1X EAP type may require management of digital
certificates for clients and server
• Provides good security in small networks
• Requires manual management of pre-shared key
• Provides the strongest security in WPA2-only mode
• Provides robust security in mixed mode for WPA and
WPA2 clients
• Offers fast roaming for time-sensitive client
applications
• Requires configured RADIUS server
• 802.1X EAP type may require management of digital
certificates for clients and server
• Clients may require harware upgrade to be WPA2
compliant
• Provides robust security in small networks
• Requires manual management of pre-shared key
• Clients may require harware upgrade to be WPA2
compliant
When you have decided which security mechanisms to implement in your
network, refer to the following tables for a summary of the access point
configuration procedures.
For more details on security configurations that are possible using the CLI,
see “CLI: Configuring Security Settings” on page 7-19.
7-7