Manual
AT-WA7400 Management Software User’s Guide
107
Comparison of
Security Modes
for Key
Management,
Authentication
and Encryption
Algorithms
Three major factors that determine the effectiveness of a security protocol
are:
How the protocol manages keys
Presence or absence of integrated user authentication in the protocol
Encryption algorithm or formula the protocol uses to encode/decode
the data
Following are the security modes available in the AT-WA7400 Wireless
Access Point along with a description of the key management,
authentication, and encryption algorithms used in each mode and include
some suggestions as to when one mode is more appropriate than another.
Plain text
Static WEP
IEEE 802.1x
WPA/WPA2 (Personal) PSK
WPA/WPA2 Enterprise (RADIUS)
When to Use Plain Text
Plain text mode by definition provides no security. In this mode, the data is
not encrypted but rather sent as “plain text” across the network. No key
management, data encryption, or user authentication is used.
Plain text mode is not recommended for regular use on the internal
network because it is not secure.
Plain text mode is the only mode in which you can run the guest network,
which is by definition an unsecure LAN always virtually or physically
separated from any sensitive information on the internal LAN.
Therefore, use plain text mode on the guest network and on the internal
network for initial setup, testing, or problem solving only.
For information on how to configure plain text mode, see “Plain Text” on
page 115.
When to Use Static WEP
Static Wired Equivalent Privacy (WEP) is a data encryption protocol for
802.11 wireless networks. All wireless stations and access points on the
network are configured with a static 64-bit (40-bit secret key + 24-bit
initialization vector (IV)) or 128-bit (104-bit secret key + 24-bit IV) Shared