User guide
A31003-W1010-A100-1-7619, July 2005
HiPath Wireless Controller, Access Points and Convergence Software V3.0: User Guide
Virtual Network configuration
Privacy for a VNS
Set up dynamic WEP privacy for a selected AAA VNS
The dynamic key WEP mechanism changes the key for each user and each session.
1. To use dynamic keys, click on the Dynamic Keys radio button.
2. To save these settings, click on the Save button.
Privacy for a VNS for AAA: Wi-Fi Protected Access (WPA v1 and WPA v2)
The VNS Privacy function supports Wi-Fi Protected Access (WPA v1 and WPA v2), a security
solution that adds authentication to enhanced WEP encryption and key management.
The authentication portion of WPA for AAA is in Enterprise Mode:
● Specifies 802.1x with Extensible Authentication Protocol (EAP)
● Requires a RADIUS or other authentication server
● Uses RADIUS protocols for authentication and key distribution
● Centralizes management of user credentials
The encryption portion of WPA v1 is Temporal Key Integrity Protocol (TKIP). TKIP includes:
● a per-packet key mixing function that shares a starting key between devices, and then
changes their encryption key for every packet or after the specified re-key time interval.
● an extended WEP key length of 256 bits
● an enhanced Initialization Vector (IV) of 48 bits, instead of 24 bits, making it more
difficult to compromise.
● a Message Integrity Check or Code (MIC), an additional 8-byte code that is inserted
before the standard WEP 4-byte Integrity Check Value (ICV). These integrity codes are
used to calculate and compare, between sender and receiver, the value of all bits in a
message, to ensure that the message has not been tampered with.
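The MIC and ICV comparison described in the list above, as an added example that is not part of the original guide. It uses Michael, the MIC algorithm TKIP specifies, and CRC-32 for the ICV; the function names, the single `header` argument standing in for the addressing fields, and the omission of the encryption step are simplifying assumptions.

```python
import hmac
import struct
import zlib

MASK = 0xFFFFFFFF

def _rol(x, n):
    return ((x << n) | (x >> (32 - n))) & MASK

def _xswap(x):
    # Swap the two bytes inside each 16-bit half of the word.
    return ((x & 0xFF00FF00) >> 8) | ((x & 0x00FF00FF) << 8)

def michael(key, data):
    """Return the 8-byte Michael MIC of data under an 8-byte key."""
    left, right = struct.unpack("<II", key)
    # Pad with 0x5a, then 4 to 7 zero bytes, up to a multiple of four.
    padded = data + b"\x5a" + b"\x00" * 4
    padded += b"\x00" * (-len(padded) % 4)
    for (word,) in struct.iter_unpack("<I", padded):
        left ^= word
        right ^= _rol(left, 17)
        left = (left + right) & MASK
        right ^= _xswap(left)
        left = (left + right) & MASK
        right ^= _rol(left, 3)
        left = (left + right) & MASK
        right ^= _rol(left, 30)  # same as rotate right by 2
        left = (left + right) & MASK
    return struct.pack("<II", left, right)

def protect(mic_key, header, payload):
    """Sender: payload || 8-byte MIC || 4-byte ICV (encryption omitted)."""
    body = payload + michael(mic_key, header + payload)
    return body + struct.pack("<I", zlib.crc32(body))

def verify(mic_key, header, frame):
    """Receiver: recompute both codes; return the payload, or None."""
    if len(frame) < 12:
        return None
    body, icv = frame[:-4], frame[-4:]
    if struct.pack("<I", zlib.crc32(body)) != icv:
        return None  # ICV mismatch
    payload, mic = body[:-8], body[-8:]
    if not hmac.compare_digest(mic, michael(mic_key, header + payload)):
        return None  # MIC mismatch: wrong key or modified message
    return payload
```

The ICV is an unkeyed checksum, so only the MIC comparison depends on a secret shared between sender and receiver.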
The encryption portion of WPA v2 is Advanced Encryption Standard (AES). AES includes:
● a 128-bit key length, for the WPA2/802.11i implementation of AES
● four stages that make up one round. Each round is iterated 10 times.
● a per-packet key mixing function that shares a starting key between devices, and then
changes their encryption key for every packet or after the specified re-key time interval.
● the Counter-Mode/CBC-MAC Protocol (CCMP), a new mode of operation for a block
cipher that enables a single key to be used for both encryption and authentication. The
two underlying modes employed in CCM include
● Counter mode (CTR) that achieves data encryption










