User's Manual
Table Of Contents
- Cover
- Table of Contents
- List of Figures
- List of Tables
- 1 Introduction
- 2 Marvell Wireless Configuration Utility Overview
- 3 Marvell Wireless Configuration Utility User Interface
- 3.1 Network Status Tab
- 3.2 Profile Manager Tab
- 3.3 Site Survey Tab
- 3.4 Statistics Tab
- 3.5 Advanced Tab
- 3.6 AutoLink Tab
- 3.7 Admin Tab
- 3.8 About Tab
- A Compliance Statements
- B Acronyms and Abbreviations
- C Revision History
- Back Cover
Marvell Wireless Configuration Utility Overview
Security
Copyright © 2007 Marvell CONFIDENTIAL Doc. No. MV-S800477-00 Rev. B
August 14, 2007, 2.00 Document Classification: Proprietary Information Page 13
2.3 Security
Implementing a security infrastructure to monitor physical access to WLAN networks is more difficult
than monitoring access on wired networks. Unlike wired networks where a physical connection is
required, anyone within the range of a wireless AP can send and receive frames, as well as listen for
frames being sent.
IEEE 802.11 and IEEE 802.1X define a set of standards and protocols for use in minimizing the
security risks on wireless networks. These include the authentication modes used to authenticate
the wireless client station and the wireless AP to be connected, complemented by different
encryption methods used for data to be transmitted over the wireless network. Four of these security
standards are as follows:
802.1X—802.1X authentication provides authenticated access to 802.11 wireless networks and
to wired Ethernet networks. 802.1X minimizes wireless network security risks by providing user
and computer identification, centralized authentication, and encryption services based on the
Wired Equivalent Privacy (WEP) algorithm. 802.1X supports the Extensible Authentication
Protocol (EAP). EAP allows the use of different authentication methods, such as smart cards
and certificates.
Wired Equivalent Privacy (WEP)—WEP is a basic security implementation according to the
IEEE 802.11 standard. Due to various security issues WEP encryption is vulnerable and was
therefore superseded by WPA and WPA2 encryption.
Wi-Fi Protected Access (WPA)—WPA is a security implementation based on a subset of the
802.11i standard. WPA provides enhanced security for wireless networks when used with the
Temporal Key Integrity Protocol (TKIP) and the Message Integrity Check (MIC) algorithms.
Wi-Fi Protected Access 2 (WPA2)—WPA2 is the next generation Wi-Fi security, based on the
final 802.11i standard. WPA2 offers the strongest available security in the form of Advanced
Encryption Standard (AES) level encryption, plus faster roaming between APs.
Security Configurations
The Marvell Wireless Configuration Utility supports the following security features:
Authentication Modes
• Open System
• Shared Key
• Auto Switch
• WPA-PSK
• WPA2-PSK
• WPA
• WPA2
• 802.1X Authentication Protocol (including support for Cisco
®
Compatible Extensions (CCX))
- EAP/Transport Layer Security (EAP/TLS) (equivalent to Microsoft “Smart Card or other
Certificate”)
- Protected EAP (PEAP)
- EAP/Tunneled TLS Authentication Protocol (EAP/TTLS)
- Light EAP (LEAP)
- EAP-Flexible Authentication via Secure Tunneling (EAP-FAST)
Encryption Methods
• Security Off
• WEP (including support for Cisco Message Integrity Check (CMIC) and Cisco Key Integrity
Protocol (CKIP))