Manualshelf

User's Manual Part 2

ManualsBrandsRiverbed Technology ManualsElectronicsXS-3900 Wireless LAN Array
12345678910
Wireless LAN Array
114 Configuring the Xirrus Array
Understanding Security
The Xirrus Wireless LAN Array incorporates many security features that
administrators can configure. After initially installing an Array, always change
the default administrator password (the default is admin), and choose a strong
replacement password (a strong password contains letters, numbers and special
characters). When appropriate, issue read only administrator accounts.
Other security considerations include:
z SSH versus Telnet: Be aware that Telnet is not secure over network
connections and should be used only with a direct serial port connection.
When connecting to the unit’s Command Line Interface over a network
connection, you must use a Secure SHell (SSH) utility. The most
commonly used freeware providing SSH tools is PuTTY.
z Configuration auditing: The optional Xirrus Wireless Management
System (XM-3300) offers powerful management features for small or
large Xirrus Wireless LAN deployments, and can audit your
configuration settings automatically. In addition, using the XM-3300
eliminates the need for an FTP server.
z Choosing an encryption method: Wireless data encryption prevents
eavesdropping on data being transmitted or received over the airwaves.
The Array allows you to establish the following data encryption
configuration options:
z Open—this option offers no data encryption and is not
recommended, though you might choose this option if clients are
required to use a VPN connection through a secure SSH utility,
like PuTTy.
z WEP (Wired Equivalent Privacy)—this option provides minimal
protection (though much better than using an open network). An
early standard for wireless data encryption and supported by all
Wi-Fi certified equipment, WEP is vulnerable to hacking and is
therefore not recommended for use by Enterprise networks.