User Manual Part 2

Wi-Fi Array

210 Configuring the Wi-Fi Array

 “Using the Array’s Default Certificate” on page 214

 “Using an External Certificate Authority” on page 215

 “About Creating Admin Accounts on the RADIUS Server” on page 219

 “About Creating User Accounts on the RADIUS Server” on page 235

Security settings are configured with the following windows:

 “Admin Management” on page 215

 “Admin Privileges” on page 216

 “Admin RADIUS” on page 218

 “Management Control” on page 222

 “Access Control List” on page 229

 “Global Settings” on page 231

 “External Radius” on page 234

 “Internal Radius” on page 238

 “Rogue Control List” on page 241

Understanding Security

The Xirrus Wi-Fi Array incorporates many configurable security features. After

initially installing an Array, always change the default administrator password

(the default is admin), and choose a strong replacement password (containing

letters, numbers and special characters). When appropriate, issue read-only

administrator accounts.

Other security considerations include:

 SSH versus Telnet: Be aware that Telnet is not secure over network

connections and should be used only with a direct serial port connection.

When connecting to the unit’s Command Line Interface over a network

connection, you must use a Secure SHell version 2 (SSH-2) utility. SSH-2

provides stronger security than SSH-1. The most commonly used

freeware providing SSH tools is PuTTY.

 Configuration auditing: The optional Xirrus Management System (XMS)

offers powerful management features for small or large Xirrus Wi-Fi