Support User Manuals

NETGEAR WFS709TP-100NAS Switch User Manual

Open as PDF

of 222

WFS709TP ProSafe Smart Wireless Switch Software Administration Manual

1-10 Overview of the WFS709TP

v1.0, June 2007

Encryption

The Layer 2 encryption option you can select depends upon the authentication method chosen.

Table 1-1 lists the authentication methods available, with their corresponding encryption options.

You can configure the following data encryption options for the WLAN:

• Null. No encryption is used and packets passing between the wireless client and WFS709TP

are in clear text.

• Wired Equivalent Protocol (WEP). Defined by the original IEEE 802.11 standard, WEP

uses the RC4 stream cipher with 40-bit and 128-bit encryption keys. The management and

distribution of WEP keys is performed outside of the 802.11 protocol. There are two forms of

WEP keys:

– Static WEP requires you to manually enter the key for each client and on the WFS709TP.

– Dynamic WEP allows the keys to be automatically derived for each client for a specific

authentication method during the authentication process. Dynamic WEP requires 802.1x

authentication.

• Temporal Key Integrity Protocol (TKIP). TKIP ensures that the encryption key is changed

for every data packet. You specify TKIP encryption for WPA and WPA-PSK authentication.

• Advanced Encryption Standard (AES). AES is an encryption cipher that uses the Counter-

mode CBC-MAC (Cipher Block Chaining-Message Authentication Code) Protocol (CCMP)

mandated by the IEEE 802.11i standard. AES-CCMP is specifically designed for IEEE 802.11

encryption and encrypts parts of the 802.11 MAC headers as well as the data payload. You can

specify AES-CCMP encryption with WPA2 or WPA2-PSK authentication.

• Mixed TKIP/AES-CCM. This option allows the WFS709TP to use TKIP encryption with

WPA or WPA-PSK clients and use AES encryption with WPA2 or WPA2-PSK clients. Mixed

TKIP/AES-CCM allows you to deploy the system in environments containing existing

WLANs that use different authentication and encryption methods.

Table 1-1. Encryption Options by Authentication Method

Authentication Method Encryption Option

None Null or Static WEP

802.1x Dynamic WEP

WPA or WPA-PSK only TKIP

WPA2 or WPA2-PSK only AES

Combination of WPA or WPA-PSK and WPA2 or

WPA2-PSK

Mixed TKIP/AES

previous next