User's Manual
Table Of Contents
- XS-3900 User’s Guide
- Front Matter
- Table of Contents
- List of Figures
- Introduction
- Installing the XS-3900
- Installation Prerequisites
- Planning Your Installation
- Installation Workflow
- Unpacking the XS-3900
- Installing the XS-3900
- Powering Up the XS-3900
- Establishing Communication with the Array
- Performing the Express Setup Procedure
- The Web Management Interface
- Configuring the XS-3900
- Logging In
- Making Configuration Changes to the XS-3900
- Array Status
- Express Setup
- Network Interfaces
- IAP Interfaces
- SSID Management
- Security
- Users
- Services
- Software
- Tools
- Event Log
- The Command Line Interface
- Establishing a Secure Shell (SSH) Connection
- Basic Commands
- Command Modes
- Selecting Interfaces
- Command Line Keywords
- Interface Selection
- Interface Configuration
- Radio Configuration
- Beacon Information
- System Administration
- System Testing
- Security
- Station Timeouts
- SSID Configuration
- DNS Configuration
- NTP Configuration
- DHCP Configuration
- Syslog Configuration
- SNMP Configuration
- Filters
- Radius Configuration
- Reports
- Data Handling
- Data Clearance
- Show Information
- Remove Configuration
- Help
- Appendix A: Quick Reference Guide
- Appendix B: Technical Support
- Glossary of Terms
- Index
Wireless LAN Array
Appendix B: Technical Support 189
z WEP (Wired Equivalent Privacy)
This option provides minimal protection (though much better
than using an open network). An early standard for wireless data
encryption and supported by all Wi-Fi certified equipment, WEP
is vulnerable to hacking and is therefore not recommended for
use by Enterprise networks.
z WPA (Wi-Fi Protected Access)
This is a much stronger encryption model than WEP and uses
TKIP (Temporal Key Integrity Protocol) with AES (Advanced
Encryption Standard) to prevent WEP cracks.
TKIP solves security issues with WEP. It also allows you to
establish encryption keys on a per-user-basis, with key rotation
for added security. In addition, TKIP provides Message Integrity
Check (MIC) functionality and prevents active attacks on the
wireless network.
AES is the strongest encryption standard and is used by
government agencies; however, old legacy hardware may not be
capable of supporting the AES mode (it probably won’t work on
older wireless clients). Because AES is the strongest encryption
standard currently available, it is highly recommended for
Enterprise networks.
Any of the above encryption modes can be used (and can be used at
the same time).
Q. Which user authentication method should I use?
A. User authentication ensures that users are who they say they are. For this
purpose, the XS-3900 allows you to choose between the following user
authentication methods:
z Pre-Shared Key
Users must manually enter a key (pass phrase) on the client side
of the wireless network that matches the key stored by the
administrator in the XS-3900.