3Com 3CRWEASYA73 Network Router User Manual


 
5-51
Security
The access point can simultaneously support clients using various different
security mechanisms. The configuration for these security combinations are
outlined in the following table. Note that MAC address authentication can be
configured independently to work with all security mechanisms and is indicated
separately in the table. Required RADIUS server support is also listed.
Table 5 Security Considerations
WPA over 802.1X
Mode
Requires WPA-enabled system
and network card driver
(native support provided in
Windows XP)
Provides robust security in WPA-only mode
(i.e., WPA clients only)
Offers support for legacy WEP clients, but with
increased security risk (i.e., WEP authentication
keys disabled)
Requires configured RADIUS server
802.1X EAP type may require management of
digital certificates for clients and server
WPA PSK Mode Requires WPA-enabled system
and network card driver
(native support provided in
Windows XP)
Provides good security in small networks
Requires manual management of pre-shared key
WPA2 with
802.1X
Requires WPA-enabled system
and network card driver (native
support provided in Windows
XP)
Provides the strongest security in WPA2-only
mode
Provides robust security in mixed mode for WPA
and WPA2 clients
Offers fast roaming for time-sensitive client
applications
Requires configured RADIUS server
802.1X EAP type may require management of
digital certificates for clients and server
Clients may require hardware upgrade to be
WPA2 compliant
WPA2 PSK Mode Requires WPA-enabled system
and network card driver (native
support provided in Windows
XP)
Provides robust security in small networks
Requires manual management of pre-shared key
Clients may require hardware upgrade to be
WPA2 compliant
Security
Mechanism
Client Support Implementation Considerations
NOTE: You must enable data encryption through the web in order to enable all
types of encryption (WEP, TKIP, or AES) in the access point.
Client Security
Combination
Configuration Summary
a
MAC
Authentication
b
RADIUS
Server
No encryption and no
authentication
Authentication: Open System
Encryption: Disable
802.1x: Disable
Local, RADIUS, or
Disabled
Yes
3
Static WEP only (with
or without shared
key authentication)
Enter 1 to 4 WEP keys
Select a WEP transmit key for the interface
Authentication: Shared Key or Open System
Encryption: Enable
802.1x: Disable
Local, RADIUS, or
Disabled
Yes
c