User's Manual
35
3.5.2.1. Basic
Fig. 46. Basic IEEE 802.11g security settings.
For security reasons, it’s highly recommended that the security mode be set to options other than
Open System. When the security mode is set to Open System, no authentication and data encryption
will be performed. Additionally, you can disable the SSID broadcasts functionality so that a wireless
client computer with an “any” SSID cannot associate with the AP.
When the Wireless client isolation setting is set to This AP Only, wireless clients of this AP cannot
see each other, and wireless-to-wireless traffic is blocked. When the setting is set to All APs in This
Subnet, traffic among wireless users of different APs in the same IP subnet is blocked. This feature is
useful for WLANs deployed in public places. In this way, hackers have no chance to attack other
wireless users in a hotspot.
When the Wireless client isolation setting is set to This AP Only, wireless clients (STAs) of this AP
cannot see each other, and wireless-to-wireless traffic between the STAs is blocked. When the setting
is set to All APs in This Subnet, traffic among wireless users of different APs in the same IP subnet
is blocked. The behaviors are illustrated in the following figures.
AP 1 AP 2
STA 1
STA 2
STA 3
Wireless Link
Ethernet Link
Switch
WCI:
This AP Only
WCI:
This AP Only
Fig. 47. Behavior of the “This AP Only” wireless client isolation option.