User's Manual
Table Of Contents
- Device Types
- Shipping Package Contents
- System Requirements
- Inserting and Removing the Wireless LAN Client Adapter
- Installing the Wireless LAN Client Adapter Driver
- Confirming the Installation
- Uninstalling the Windows Wireless Drivers
- Service Set Identifiers
- Wireless Bands and Channels
- WZC Overview
- Accessing WZC
- Wireless Security
Wireless Security
Although security is important in any network, the characteristics of wireless networks can make
them vulnerable to attack. Unlike wired networks, which require a physical connection that can
be secured with lock and key, wireless networks require only a radio signal for communication,
and physical barriers do not provide protection. A concern since the introduction of the IEEE
802.11 wireless communication standard, wireless security continues to evolve, as shortcomings
of existing security solutions are uncovered and new solutions are adopted.
Wireless security encompasses two major components: encryption and authentication.
Encryption provides a mechanism for protecting data transferred across the wireless link from
eavesdropping. Authentication provides a mechanism so that the identity of your PC or your
identity, or both, are confirmed so that you may gain access to the network.
Authentication
Effective authentication methods rely on manual distribution of shared or pre-shared
authentication keys or automatic generation of keys by a RADIUS (Remote Authentication Dial-
In User Service) server.
A shared or pre-shared key is an authentication string entered at the access point and client PCs.
Authentication takes place by matching the key stored in each PC with the key stored in the
access point.
Automatic key-generation methods rely upon digital certificates, which contain encoded user and
encryption information to verify the identity of a user and match it with a database of secure user
records. A certificate authority is the network service that manages digital certificates and
guarantees their integrity. The IEEE 802.1X standard specifies certificate-based authentication
using EAP (Extensible Authentication Protocol). EAP, in turn, comes in numerous variations.
Most enterprises manage remote access to the certificate authority using a RADIUS (Remote
Authentication Dial-In User Service) server. In this arrangement, client PC users install RADIUS
client software on their local PCs to provide RADIUS server access. Funk Software and
Microsoft are the major suppliers of RADIUS client software.
For home or small office networks, shared or pre-shared keys can provide adequate
authentication without the burden of centralized management and control. A built-in RADIUS
security portal is provided in some Access Points to extend the management and scalability
features of centralized management to administrators in small-to-mid sized office environments.
Encryption
Encryption protects wireless data from being intercepted and deciphered during transmission,
and thereby assures the security of your data. The Client Adapter is compatible with the
following options:
AES (Advanced Encryption Standard) -- Excellent, financial-grade security.
TKIP (Temporal Key Integrity Protocol) -- Good security, used as an enhancement for legacy systems.
WEP (Wired Equivalent Privacy) -- Minimal security, acceptable for non-critical data.
Open or no encryption -- No protection, use for non-critical communications or in conjunction with other
security protocols such as https or VPN/IPsec for corporate communications.
Page 18 of 29 Installation and User Guide: WFB400 Windows Wireless LAN Client