User Manual Part 1
Table Of Contents
- Check Point Safe@Office User Guide 8.0
- Copyright & Trademarks
- Contents
- About This Guide
- Introduction
- About Your Check Point Safe@Office Appliance
- Safe@Office 500 Product Family
- Product Features
- Wireless Features
- Optional Security Services
- Software Requirements
- Getting to Know Your Safe@Office 500 Appliance
- Getting to Know Your Safe@Office 500W Appliance
- Getting to Know Your Safe@Office 500 ADSL Appliance
- Getting to Know Your Safe@Office 500W ADSL Appliance
- Contacting Technical Support
- Safe@Office Security
- Installing and Setting Up Safe@Office
- Getting Started
- Configuring the Internet Connection
- Managing Your Network
- Using Bridges
- Configuring High Availability
- Using Traffic Shaper
- Working with Wireless Networks
- Viewing Reports
- Viewing Logs
- Setting Your Security Policy
Overview
264 Check Point Safe@Office User Guide
The Primary WLAN
In addition to the LAN and DMZ networks, you can define a wireless internal network
called the primary WLAN (wireless LAN) network. The primary WLAN is the main
wireless network, and it controls all other wireless network's statuses: wireless networks
can be enabled only if the primary WLAN is enabled, and disabling the primary WLAN
automatically disables all other wireless network. In addition, all wireless networks inherit
certain settings from the primary WLAN.
You can configure the primary WLAN in either of the following ways:
• Wireless Configuration Wizard. Guides you through the primary WLAN setup,
step by step.
See Using the Wireless Configuration Wizard on page 273.
• Manual configuration. Offers advanced setup o
ptions for the primary WLAN.
See Manually Configuring a WLAN on page 280.
Note: If the Safe@Office 500 Power Pack upgrade is not installed, the primary
WLAN is the only wireless network.
Virtual Access Points
The Safe@Office appliance enables you to partition the primary WLAN into virtual access
points (VAPs). A VAP is a logical wireless network behind the Safe@Office appliance and
is a type of VLAN (see Configuring VLANs on page 174). Like other types of VLANs,
VAPs are isolated fro
m each other and can have separate security policies, IP network
segments, and Traffic Shaper settings. This enables you to configure separate policies for
different groups of wireless users.
For example, you could assign different permissions to employees and guests using your
company's wireless network, by defining two VAPs called “Guest” and “Employee”. The
Guest VAP would use simple WPA-Personal encryption, and the security policy would
mandate that stations connected to this network can access the Internet, but not sensitive