Filter
Top Products
AT-TQ2403 Management Software User's Guide 59
+ 2
4-bit initialization vector (IV)) or 128-bit (104-bit secret key + 24-bit IV) Shared Key for data
encryption.
Key Management Encryption Algorithm User Authentication
Static WEP uses a fixed key that
is provided by the administrator.
WEP keys are indexed in
different slots (up to four on the
AT-TQ2403 Management
Software).
The client stations must have the
same key indexed in the same
slot to access data on the access
point.
A
n RC4 stream cipher is used
to encrypt the frame body
and cyclic redundancy
checking (CRC) of each
802.11 frame.
If you set the Authentication
Algorithm to Shared Key, this
protocol provides a rudimentary form
of user authentication.
However, if the Authentication
Algorithm is set to Open System,
no authentication is performed.
If the algorithm is set to Both, only
WEP clients are authenticated.
Recommendations
Static WEP w
as designed to provide security equivalent of sending unencrypted data through an
Ethernet connection, however it has major flaws and it does not provide even this intended level of
security.
Therefore, Static WEP is not recommended as a secure mode. The only time to use Static WEP is
when interoperability issues make it the only option available to you and you are not concerned with the
potential of exposing the data on your network.
See Also
For infor
mation on how to configure Static WEP security mode, see “Static WEP
” under “Configuring
Security Settings”.
When to Use IEEE 802.1x
IEEE 802.1x is the standard for passing the Extensible Authentication Protocol (EAP) over an 802.11
wireless network using a protocol called EAP Encapsulation Over LANs (EAPOL). This is a newer, more
secure standard than Static WEP.
Key Management Encryption Algorithm User Authentication
IEEE 802.1x provides
dynamically- generated keys
that are periodically refreshed.
An RC4 stream cipher is used to
encrypt the frame body and cyclic
redundancy checking (CRC) of
each 802.11 frame.
IEEE 802.1x mode supports a
variety of authentication
methods, like certificates,
Kerberos, and public key
authentication with a RADIUS
server.
Recommendations
IE
EE 802.1x mode is a better choice than Static WEP because keys are dynamically generated and
changed periodically. However, the encryption algorithm used is the same as that of Static WEP and is
therefore not as reliable as the more advanced encryption methods such as TKIP and CCMP (AES) used
in Wi-Fi Protected Access (WPA) or WPA2.