Manual

ManualsBrandsAllied Telesis ManualsComputer HardwareAT-WA7400/EU

111

112

113

114

115

116

117

118

119

120

Chapter 10: Configuring Security

116

Wireless Access Point is not encrypted.

There are no further options for plain text mode.

Plain text mode can be useful during initial network configuration or for

problem solving, but it is not recommended for regular use on the internal

network because it is not secure.

Guest Network

Plain text mode is the only mode in which you can run the guest network,

which is by definition an easily accessible, unsecure LAN always virtually

or physically separated from any sensitive information on the internal LAN.

For example, the guest network might provide Internet and printer access

for day visitors.

The absence of security on the guest access point is designed to make it

as easy as possible for guests to get a connection without having to pro-

gram any security settings in their clients.

For a minimum level of protection on a guest network, you can choose to

suppress (prohibit) the broadcast of the SSID (network name) to

discourage client stations from automatically discovering your access

point. (See also “Does Prohibiting the Broadcast SSID Enhance

Security?” on page 113.)

For more about the guest network, see Chapter 11, “Setting Up Guest

Access” on page 133.

Static WEP Wired Equivalent Privacy (WEP) is a data encryption protocol for 802.11

wireless networks. All wireless stations and access points on the network

are configured with a static 64-bit (40-bit secret key + 24-bit initialization

vector (IV)) or 128-bit (104-bit secret key + 24-bit IV) Shared Key for data

encryption.

You cannot mix 64-bit and 128-bit WEP keys between the access point

and its client stations.

Static WEP is not the most secure mode available, but it offers more

protection than plain text mode as it does prevent an outsider from easily

sniffing out unencrypted wireless traffic. (For more secure modes, see the

sections on “IEEE 802.1x” on page 121, “WPA/WPA2 Enterprise

(RADIUS)” on page 125, or “WPA/WPA2 Personal (PSK)” on page 123.)

WEP encrypts data moving across the wireless network based on a static

key. (The encryption algorithm is a stream cipher called RC4.)

The access point uses a key to transmit data to the client stations. Each

client station must use that same key to decrypt data it receives from the

access point.