User's Manual
Security Overview
● Message Integrity Check (MIC)
● Message Sequence Number
EAP-FAST
EAP-FAST, like EAP-TTLS and PEAP, uses tunneling to protect traffic. The main difference is that EAP-FAST
does not use certificates to authenticate.
Provisioning in EAP-FAST is negotiated solely by the client as the first communication exchange when
EAP-FAST is requested from the server. If the client does not have a pre-shared secret Protected Access
Credential (PAC), it can request to initiate a provisioning EAP-FAST exchange to dynamically obtain one from
the server.
EAP-FAST documents two methods to deliver the PAC: manual delivery through an out-of-band secure
mechanism, and automatic provisioning.
● Manual delivery mechanisms can be any delivery mechanism that the administrator of the network feels
is sufficiently secure for their network.
● Automatic provisioning establishes an encrypted tunnel to protect the authentication of the client and
the delivery of the PAC to the client. This mechanism, while not as secure as a manual method may be,
is more secure than the authentication method used in LEAP.
The EAP-FAST method can be divided into two parts: provisioning and authentication.
The provisioning phase involves the initial delivery of the PAC to the client. This phase only needs to be
performed once per client and user.
Mixed Cells Mode
Some access points, for example Cisco 350 or Cisco 1200, support environments in which not all client stations
support WEP encryption; this is called Mixed-Cell Mode. When these wireless networks operate in “optional
encryption” mode, client stations that join in WEP mode send all messages encrypted, and stations that join
in standard mode send all messages unencrypted. These APs broadcast that the network is not using
encryption, but allow clients to join using WEP mode. When “Mixed-Cell” is enabled in a profile, it allows you to
connect to access points that are configured for “optional encryption.” Refer to Cisco Compatible Extensions
Options for more information.
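The following is an added example, not part of the original manual: a small audit routine that flags a mixed cell from captured frames by comparing the Privacy bit in the AP's beacon with the Protected flag on each station's data frames, and lists which stations are sending cleartext. It assumes raw 802.11 frames without a radiotap header or FCS and looks only at station-to-AP data frames; the function names and the sample frames are constructed for illustration.

```python
import struct
from collections import defaultdict

PRIVACY = 0x0010    # beacon capability bit: AP advertises that encryption is in use
PROTECTED = 0x40    # frame-control flag: this frame's body is encrypted

def audit(frames):
    """Classify raw 802.11 frames (no radiotap header, no FCS) per BSSID."""
    privacy = {}                                       # bssid -> beacon Privacy bit
    seen = defaultdict(lambda: defaultdict(set))       # bssid -> station -> {True/False}
    for f in frames:
        if len(f) < 24:                                # shorter than a 3-address header
            continue
        ftype, subtype, flags = (f[0] >> 2) & 3, f[0] >> 4, f[1]
        a1, a2, a3 = f[4:10].hex(":"), f[10:16].hex(":"), f[16:22].hex(":")
        if ftype == 0 and subtype == 8 and len(f) >= 36:          # beacon: addr3 = BSSID
            (cap,) = struct.unpack_from("<H", f, 34)   # after timestamp(8) + interval(2)
            privacy[a3] = bool(cap & PRIVACY)
        elif ftype == 2 and not (subtype & 4) and (flags & 3) == 1:
            # data frame carrying a body, station -> AP (ToDS): addr1 = BSSID, addr2 = station
            seen[a1][a2].add(bool(flags & PROTECTED))
    report = {}
    for bssid, stas in seen.items():
        enc = sorted(s for s, v in stas.items() if v == {True})
        clear = sorted(s for s, v in stas.items() if False in v)
        report[bssid] = {
            "beacon_privacy": privacy.get(bssid),
            "encrypted": enc,
            "cleartext": clear,
            # the manual's "optional encryption": beacon says no encryption, both kinds join
            "mixed_cell": privacy.get(bssid) is False and bool(enc) and bool(clear),
        }
    return report

def _frame(fc0, flags, a1, a2, a3, body=b""):
    return bytes([fc0, flags, 0, 0]) + a1 + a2 + a3 + b"\x00\x00" + body

# Constructed sample capture (locally administered MACs, not real devices).
AP, STA_WEP, STA_OPEN = (bytes.fromhex(h) for h in ("020000000001", "020000000010", "020000000020"))
BCAST = b"\xff" * 6
SAMPLE = [
    _frame(0x80, 0x00, BCAST, AP, AP, bytes(8) + struct.pack("<HH", 100, 0x0001)),  # beacon, Privacy=0
    _frame(0x08, 0x41, AP, STA_WEP, BCAST, bytes(16)),    # ToDS data, Protected set
    _frame(0x08, 0x01, AP, STA_OPEN, BCAST, bytes(16)),   # ToDS data, cleartext
]

if __name__ == "__main__":
    for bssid, r in audit(SAMPLE).items():
        print(bssid, r)
```

Stations listed under "cleartext" are the ones whose traffic is readable by anyone in radio range.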
Radio Management
When this feature is enabled, your wireless adapter provides radio management information to the Cisco
infrastructure. If the Cisco Radio Management utility is used on the infrastructure, it configures radio
parameters and detects interference and rogue access points.