Manualshelf

User manual

ManualsBrandsNETGEAR ManualsWLANWAC730 WLAN access point 1.75 Gbit/s 2.4 GHz, 5 GHz
31323334353637383940
WiFi Configuration and Security
36
ProSAFE Dual-Band Wireless AC Access Points WAC720 and WAC730
WiFi Data Security Options
Indoors, computers can connect over 802.11ac WiFi networks at a maximum range of
300 feet. Typically, a access point inside a building works best with devices within a 100-foot
radius. Such distances can allow for others outside your immediate area to access your
network.
Unlike wired network data, your WiFi data transmissions can extend beyond your walls and
can be received by anyone with a compatible WiFi device. For this reason, use the security
features of your WiFi equipment. The access point provides highly effective security features
that are covered in detail in this chapter. Deploy the security features appropriate to your
needs.
Figure 5. WiFi data security examples
You can enhance the security of your WiFi network in several ways:
Use multiple BSSIDs combined with VLANs. You can configure combinations of
VLANS and BSSIDs (security profiles) with stronger or less restrictive access security
according to your requirements. For example, visitors could be given WiFi Internet access
but be excluded from any access to your internal network. For information about how to
configure BSSIDs, see Configure and Enable WiFi Security Profiles on page 38.
Restrict access based on MAC address. You can allow only trusted devices to connect
so that unknown devices cannot connect over the WiFi to the access point. Restricting
access by MAC address adds an obstacle against unwanted access to your network, but
the data broadcast over the WiFi link is fully exposed. For information about how to
restrict access by MAC address, see Restrict WiFi Access by MAC Address on page 47.
Turn off the broadcast of the WiFi network name (SSID). If you disable broadcast of
the SSID, only devices with the correct SSID can connect. This nullifies the WiFi network
discovery feature of some products, such as Windows XP, but the data is still exposed.
For information about how to turn off broadcast of the SSID, see Configure and Enable
WiFi Security Profiles on page 38.
WPA2-PSK (AES). Wi-Fi Protected Access version 2 (WPA2) provides the most reliable
security with Advanced Encryption Standard (AES) encryption. This very strong
authentication along with dynamic per-frame rekeying of WPA2 makes it virtually