User Guide Part 1
Wi-Fi Array
210 Configuring the Wi-Fi Array
z
“Admin RADIUS” on page 216
z
“Management Control” on page 219
z
“Access Control List” on page 223
z
“Global Settings” on page 225
z
“External Radius” on page 228
z
“Internal Radius” on page 231
z
“Rogue Control List” on page 233
Understanding Security
The Xirrus Wi-Fi Array incorporates many configurable security features. After
initially installing an Array, always change the default administrator password
(the default is admin), and choose a strong replacement password (containing
letters, numbers and special characters). See also, “See Also” on page 126. When
appropriate, issue read only administrator accounts.
Other security considerations include:
z
SSH versus Telnet: Be aware that Telnet is not secure over network
connections and should be used only with a direct serial port connection.
When connecting to the unit’s Command Line Interface over a network
connection, you must use a Secure SHell version 2 (SSH-2) utility. SSH-2
provides stronger security than SSH-1. The most commonly used
freeware providing SSH tools is PuTTY.
z
Configuration auditing: The optional Xirrus Management System (XMS)
offers powerful management features for small or large Xirrus Wi-Fi
deployments, and can audit your configuration settings automatically. In
addition, using the XMS eliminates the need for an FTP server.
z
Choosing an encryption method: Wireless data encryption prevents
eavesdropping on data being transmitted or received over the airwaves.
The Array allows you to establish the following data encryption
configuration options:
• Open—this option offers no data encryption and is not
recommended, though you might choose this option if clients are