User Manual Part 1

Wi-Fi Array

84 Installing the Wi-Fi Array

also be authenticated via RADIUS when preferred, or to meet particular

security standards.

 Xirrus Internal RADIUS server

Recommended for smaller numbers of users (about 100 or less). Supports

EAP-PEAP only

 Pre-Shared Key

Uses a pass-phrase or key that is manually distributed to all authorized

users. The same passphrase is given to client devices and entered into

each Array.

 MAC Access Control Lists (ACLs)

MAC access control lists provide a list of client adapter MAC addresses

that are allowed or denied access to the wireless network, and can be

used in addition to any of the above authentication methods. ACLs are

good for embedded devices, like printers and bar-code scanners (though

MAC addresses can be spoofed). The Array supports 1,000 ACL entries.

Meeting PCI DSS Standards

The Payment Card Industry (PCI) Data Security Standard (DSS) was developed

by major credit card companies. It lays out a set of requirements that must be met

in order to provide adequate security for sensitive data. The Wi-Fi Array may be

configured to satisfy PCI DSS standards. For details, please see Appendix D:

Implementing PCI DSS. Note that the license installed on the Array must include

the Xirrus Advanced RF Security Manager (RSM) to support PCI audit

compliance enforcement. Please see “About Licensing and Upgrades” on

page 325.

Meeting FIPS Standards

The Federal Information Processing Standard (FIPS) Publication 140-2 establishes

a computer security standard used to accredit cryptographic modules. The

standard is a joint effort by the U.S. and Canadian governments. To implement

Level 2 security requirements of FIPS Level 2 on the Wi-Fi Array, see Appendix E:

Implementing FIPS Security.