User Manual
42 MDS entraNET 900 System Guide (Preliminary) MDS 05-4055A01, Rev. A
2.6 SECURITY CONFIGURATION
There are many options for assisting you in providing secondary secu-
rity for your transceivers and the network. These options start with con-
trolling remote access to the network via Telnet, Web Browser, and
SNMP. Other areas include multiple levels of encryption and
MD5-level security for HTTP connections.
Figure 2-20. Security Configuration Menu
(Access Point Version Shown)
• Provisioning— Enable provisioning at the Remote.
[Enabled/Disabled; Disabled]
Enabling forces the entraNET 900 to check the Approved AP
List before continuing the authorization process. In the case of
a Remote, the AP must be in the Approved Access Points List
before it accepts the beacon as valid. In the case of an AP, a
Remote must be in the Approved Remotes List to be granted
authorization. Before enabling this option, at least one entry
must already exist in the Approved List.
• Encryption— Enable encryption of over-the-air data pack-
ets. [Enabled, Disabled; Disabled]
Enabling forces the transceiver to use 128-bit encryption on all
over-the-air messages. This option requires the Encryption
Phrase to be previously configured.
• Auto Key Rotation—Enable automatic rotation of
encryption keys. [Enabled, Disabled; Disabled]
Enabling forces the transceiver to use the key rotation algorithm
to generate a new encryption key after 500 kilobytes of informa-
tion has been transmitted, or one hour has elapsed. Key rotation
prevents reusing encryption data that could result in key-crack-
ing, unlike standard 802.11b communications that rely on static
encryption keys.
• HTTP Access—Prevents remote access through HTTP (Web
browser) on Port 80 [Enabled/Disabled; Disabled]
MIS Wireless IP Host
Security Configuration Menu
-==========================================================================-
A) Provisioning enabled G) Approved Remotes List
B) Encryption disabled H) Encryption Phrase ********
C) Auto Key Rotation disabled I) Force Key Rotation
D) HTTP Access disabled J) HTTP Security Mode Basic Auth
E) SNMP Access disabled K) User Password ********
F) Telnet Access enabled
Select a letter to configure an item, <ESC> for the prev menu