81
www.gateway.com
Comparison of security modes for key management, authentication, and
encryption algorithms
The three major factors that determine the effectiveness of a security protocol are:
■ How the protocol manages keys
■ Presence or absence of integrated user authentication in the protocol
■ Encryption algorithm or formula the protocol uses to encode/decode the data
Following is a list of the security modes available on the Gateway 7001 Series self-managed
AP along with a description of the key management, authentication, and encryption
algorithms used in each mode. We include some suggestions as to when one mode might
be more appropriate than another.
When to use plain text
Plain text mode by definition provides no security. In this mode, the data is not encrypted
but rather sent as plain text across the network. No key management, data encryption,
or user authentication is used.
Recommendations
Plain text mode is not recommended for regular use on the internal network because it
is not secure.
Plain text mode is the only mode in which you can run the guest network, which is by
definition an unsecure LAN always virtually or physically separated from any sensitive
information on the internal LAN.
Therefore, use plain text mode on the guest network, and on the internal network for initial
setup, testing, or problem solving only.
For information on how to configure plain text mode, see “Plain-text” on page 88.
When to use static WEP
Static Wired Equivalent Privacy (WEP) is a data encryption protocol for 802.11 wireless
networks. All wireless stations and access points on the network are configured with a static
64-bit (40-bit secret key + 24-bit initialization vector (IV)) or 128-bit (104-bit secret key +
24-bit IV) Shared Key for data encryption.