Psion Teklogix 9160 G2 Wireless Gateway User Manual 95
Chapter 10: Configuring Security
Comparison Of Security Modes For Key Management, Authentication And Encryption Algorithms
Additionally, compatibility issues may be cumbersome because of the variety of
authentication methods supported and the lack of a standard implementation method.
Therefore, IEEE 802.1x mode is not as secure a solution as Wi-Fi Protected Access
(WPA) or WPA2. If you cannot use WPA because some of your client stations do
not have WPA, then a better solution than using IEEE 802.1x mode is to use WPA
Enterprise mode.
See Also
For information on how to configure IEEE 802.1x security mode, see “IEEE
802.1x” on page 107.
10.1.2.4 When To Use WPA Personal
Wi-Fi Protected Access Personal Pre-Shared Key (PSK) is an implementation of the
Wi-Fi Alliance IEEE 802.11h standard, which includes Advanced Encryption Algo-
rithm (AES), Counter mode/CBC-MAC Protocol (CCMP), and Temporal Key
Integrity Protocol (TKIP) mechanisms. This mode offers the same encryption algo-
rithms as WPA 2 with RADIUS but without the ability to integrate a RADIUS
server for user authentication.
This security mode is backwards-compatible for wireless clients that support only
the original WPA.
Recommendations
WPA Personal is not recommended for use with the 9160 G2 Wireless Gateway
when WPA Enterprise is an option.
Key Management Encryption Algorithms User Authentication
WPA Personal provides
dynamically-generated
keys that are periodically
refreshed.
There are different
Uni-
cast
keys for each station.
• Temporal Key Integrity Protocol
(TKIP).
• Counter mode/CBC-MAC Proto-
col (CCMP) Advanced Encryp-
tion Standard (AES).
The use of a Pre-Shared (
PSK
) key provides
user authentication similar to that of shared
keys in
WEP
.
Table 10.3 WPA Personal Security Mode