User Manual Part 1
Table Of Contents
- Check Point Safe@Office User Guide 8.0
- Copyright & Trademarks
- Contents
- About This Guide
- Introduction
- About Your Check Point Safe@Office Appliance
- Safe@Office 500 Product Family
- Product Features
- Wireless Features
- Optional Security Services
- Software Requirements
- Getting to Know Your Safe@Office 500 Appliance
- Getting to Know Your Safe@Office 500W Appliance
- Getting to Know Your Safe@Office 500 ADSL Appliance
- Getting to Know Your Safe@Office 500W ADSL Appliance
- Contacting Technical Support
- Safe@Office Security
- Installing and Setting Up Safe@Office
- Getting Started
- Configuring the Internet Connection
- Managing Your Network
- Using Bridges
- Configuring High Availability
- Using Traffic Shaper
- Working with Wireless Networks
- Viewing Reports
- Viewing Logs
- Setting Your Security Policy
Overview
Chapter 10: Working with Wireless Networks 271
Security
Protocol
Description
WPA-Enterprise:
RADIUS
authentication,
encryption
The WPA-Enterprise (Wi-Fi Protected Access) security method uses MIC
(message integrity check) to ensure the integrity of messages, and TKIP
(Temporal Key Integrity Protocol) to enhance data encryption.
Furthermore, WPA-Enterprise includes 802.1x and EAP authentication,
based either on a central RADIUS authentication server, or on the
Safe@Office appliance's built-in EAP authenticator. This method is
recommended for situations where you want to authenticate wireless stations,
and to encrypt the transmitted data.
Note: To use this security method, you must first configure either a RADIUS
server that supports 802.1x, or set up the network for use with the
Safe@Office EAP authenticator. For information on configuring a RADIUS
server, see Using RADIUS Authentication. on page 650 For information on
using the Safe@Office EAP authentic
ator, see Using the Safe@Office
EAP
Authenticator on page 394.
WPA-Personal:
password
authentication,
encryption
The WPA-Personal security method (also called WPA-PSK) is a variation of
WPA-Enterprise that does not require an authentication server. WPA-
Personal periodically changes and authenticates encryption keys. This is
called rekeying.
This option is recommended for small networks, which want to authenticate
and encrypt wireless data, but do not want to install a RADIUS server or use
the Safe@Office EAP authenticator.
This security method is not supported for WDS links.
Note: The appliance and the wireless stations must be configured with the
same passphrase.