5 | Understanding Wireless Security
Anyone within range of your wireless network is a potential security risk. Without
wireless security options configured on your network, a person outside of your
physical location, but within your wireless range may be able to access the
network and any data that is being transmitted over it. SMC Networks’ wireless
devices support the wireless security standard called Wired Equivalent Privacy
(WEP) to prevent unauthorized users from accessing your network over a
wireless connection. This security feature uses a secure network key, called a
WEP key. The WEP key encrypts wireless data so that it is only readable by other
computers that have the matching WEP key. The WEP key is stored on each
wireless device, so that data can be encrypted and decrypted as it is transmitted
over the network.
While the Institute of Electrical & Electronics Engineers (IEEE) 802.11i standard
is being finalized, an interim solution called Wi-Fi Protected Access (WPA) has
been introduced. The EZ Connect™ g Wireless Ethernet Bridge is the first device
of its kind to support this new wireless security specification. WPA defines a set
of interoperable security enhancements that greatly improve upon the level of
data encryption and authentication or access control for existing and future
wireless LAN systems. WPA includes Extensible Authentication Protocol (EAP),
Temporal Key Integrity Protocol (TKIP) and 802.1X for authentication and
dynamic key exchange. In the WPA-enabled network, the client first associates
with the Access Point. The Access Point does not allow network access until the
user can be successfully authenticated. If the client shows the correct credentials
to the Remote Authentication Dial-In User Service (RADIUS) server, the client is
allowed to join the network. If not, the client stays blocked from joining the LAN.
Once the client joins the network, the authentication server distributes a TKIP
encryption key to both the client and the Access Point. The client can then begin
communicating on the network and maintain the connection, encrypting data
back and forth with the Access Point. Note that for environments without a
Remote Authentication Dial-In User Service (RADIUS) infrastructure, WPA
supports the use of a pre-shared key (PSK). WPA-PSK specifies that encryption
keys be dynamically changed (called rekeying) and authenticated between
devices after a specified period of time, or after a specified number of packets
has been transferred.
If you are transferring private information over this wireless connection, it is
recommended to enable WEP or WPA for your EZ Connect™ g Wireless Ethernet
Bridge.