Marvell MC8687P User Manual Download Page 7 | Manualshive

Page: 7 / 57

background image

MC8687P Mini PCIe WLAN Client Card User’s Guide

________________________________________________________________________

________________________________________________________________________

Doc. No________ Rev.V1.0

Confidential

Copyright © 2007 Marvell

Page

7

Document Classification: Proprietary Information

December 28, 2007

2.3 Security

Implementing a security infrastructure to monitor physical access to WLAN
networks is more difficult than monitoring access on wired networks. Unlike
wired networks where a physical connection is required, anyone within the range
of a wireless AP can send and receive frames, as well as listen for frames being
sent.

IEEE 802.11 and IEEE 802.1X define a set of standards and protocols for use in
minimizing the security risks on wireless networks. These include the
authentication modes used to authenticate the wireless client station and the
wireless AP to be connected, complemented by different encryption methods used
for data to be transmitted over the wireless network. Four of these security
standards are as follows:

•

802.1X-802.1X

authentication provides authenticated access to 802.11

wireless networks and to wired Ethernet networks. 802.1X minimizes
wireless network security risks by providing user and computer
identification, centralized authentication, and encryption services based on
the Wired Equivalent Privacy (WEP) algorithm. 802.1X supports the
Extensible Authentication Protocol (EAP). EAP allows the use of different
authentication methods, such as smart cards and certificates.

•

Wired Equivalent Privacy (WEP)

– WEP is a basic securing

implementation according to the IEEE 802.11 standard. Due to various
security issues WEP encryption is vulnerable and was therefore
superseded by WPA and WPA2 encryption.

•

Wi-Fi Protected Access (WPA)

– WPA is a security implementation

based on a subset of the 802.11i standard. WPA provides enhanced
security for wireless networks when used with the Temporal Key Integrity
Protocol (TKIP) and the Message Integrity Check (MIC) algorithms.

•

Wi-Fi Protected Access 2 (WPA2)

– WPA2 is the next generation Wi-Fi

security, based on the final 802.11i standard. WPA2 offers the strongest
available security in the form of Advanced Encryption Standard (AES)
level encryption, plus faster roaming between APs.

Security Configurations

The Marvell Wireless Configuration Utility supports the following security
features:

•

Authentication Modes

o

Open System

o

Shared Key

o

Auto Switch

o

WPA – PSK

o

WPA2-PSK

o

WPA

«
...
5
6
7
8
9
...
»

Summary of Contents for MC8687P

Page 1: ...WLAN Client Card User s Guide Documentation No ____ Marvell Semiconductor Inc Marvell Semiconductor Corporation 5488 Marvell Lane Santa Clara CA 95054 Copyright 2007 Marvell Semiconductor Corporation All rights reserved ...

Page 2: ...ormation 10 3 1 3 Signal Strength Wireless Mode Indicator 12 3 1 5 Actual Throughput Performance 13 3 1 6 Radio On Off Check Box 14 3 2 Profile Manager Tab 15 3 2 1 Profile Setting Network Info Tab 16 3 2 2 Profile Setting Security Tab 18 3 2 3 Legacy Authentication Modes 19 3 2 4 802 1X Authentication Modes 22 3 2 5 Profile Setting Protocol Tab 39 3 3 Site Survey Tab 40 3 3 1 Site Survey Network ...

Page 3: ... Information December 28 2007 3 7 4 Admin Tab Stop Windows Wireless Zero Configuration Service 50 3 8 About Tab 50 3 9 Wi Fi Testing Tab 50 A Compliance Statements 52 A 1 Federal Communication Commission FCC Compliance 52 A 1 1 Transmitter Module Approval Conditions 52 A 1 2 USA Federal Communication Commission FCC 52 A 2 Industry Canada Notice 53 A 3 Europe EU Declaration of Conformity 54 Product...

Page 4: ...send and receive information to other wireless clients without using an AP In comparison to Infrastructure mode this type of WLAN connection only contains wireless client Ad Hoc mode is useful for establishing a network where wireless infrastructure does not exist or where services are not required Two or more computers can establish an Ad Hoc network when within range of one another Ad Hoc mode i...

Page 5: ...art menu or from the Desktop Start menu Start Marvell Wireless Configuration Utility Start Program Marvell Marvell Wireless Configuration Utility Desktop Double click the Marvell Wireless Configuration Utility Icon Figure 1 Marvell Wireless Configuration Utility Icon 2 2 1 Windows XP and Windows Server 2003 Users For the Windows XP and Windows Server 2003 either the Windows Wireless Zero Configura...

Page 6: ...___________________________ Doc No________ Rev V1 0 Confidential Copyright 2007 Marvell Page 6 Document Classification Proprietary Information December 28 2007 Figure 2 Admin Tab Stop Windows Wireless Zero Configuration Service 2 2 2 Tray Status Icons Different icons in the system tray indicate the status of the wireless connection Figure 3 Tray Status Icons Window ...

Page 7: ... wireless networks and to wired Ethernet networks 802 1X minimizes wireless network security risks by providing user and computer identification centralized authentication and encryption services based on the Wired Equivalent Privacy WEP algorithm 802 1X supports the Extensible Authentication Protocol EAP EAP allows the use of different authentication methods such as smart cards and certificates W...

Page 8: ...hentication Protocol including support for Cisco Compatible Extensions CCX EAp Transport layer Security EAP TLS equivalent to Microsoft Smart Card or other Certificate Protected EAP PEAP EAP Tunneled TLS Authentication Protocol EAP TTLS Light EAP LEAP EAP Flexible Authentication via Secure Tunneling EAP FAST Encryption Methods o Security Off o WEP including support for Cisco Message Integrity Chec...

Page 9: ...n Utility initializes on this page Profile Manager displays the current profiles and allows the user to set attributes for network type security options and protocols as well as create modify delete profiles Site Survey displays site survey information Statistics displays the statistics of the current session Advanced used to set protocol parameters AutoLink to set AutoLink connection Admin used t...

Page 10: ... tab displays the status of the network When the Marvell Wireless Configuration Utility initializes it displays the Network Status tab Figure 4 Network Status Tab 3 1 1 Select Profile The Select Profile section displays the name of the profile in use Addition information about the profile is provided in the Profile Manager Select on of the profiles previously defined by clicking the down arrow a h...

Page 11: ...ble APs and wireless stations in the area Waiting for peer Waiting for a peer station to connect to the wireless network Ad Hoc network only Network SSID Network SSID label i e Network Name The Network Name is a text string of up to 32 characters Network type Type of environment connected to Infrastructure Mode In this mode wireless clients send and receive information through APs The APs are stra...

Page 12: ...he Profile Setting of the Profile Manager tab Configure security settings also through the Site Survey tab when connecting to a network Tx Rx Rates Current Tx Rate and Rx Rate of the channel being monitored 3 1 3 Signal Strength Wireless Mode Indicator The color coded Signal strength bar displays the signal strength of the last packet received by the client card Figure 7 Signal Strength Bar Signal...

Page 13: ...The format of an IP address is a 32 bit numeric address written as four numbers separated by periods Each number can be 0 to 255 Subnet Mask A mask used to determine what subnet an IP address belongs to An IP address has two components the network part and the host part The subnet mask specifies the network part of the IP address Default Gateway The default node on a network that serves as an entr...

Page 14: ...f check box turns off the radio Clearing the check box turns on the radio Figure 10 Radio On Off Check Box Another way to turn the radio on or off is to right click the Configuration Utility icon in System Tray and select Turn Radio Off to turn the radio off When the radio is off select Turn Radio On to turn the radio back on Figure 11 Radio On Off in the System Tray The system hot key Alt F2 can ...

Page 15: ...Profile List This section on the left side of this tab lists all of the profiles available Highlighting a profile selects it If the check box next to the profile selected that profile is used in auto configuration mode when the link is lost If it is not selected that profile is excluded in auto configuration The buttons associated with this window are also follows Profile List Section Description ...

Page 16: ...st have higher priority than selected profiles at the bottom of the list Delete Deletes a profile Create Creates a profile Save Saves changes made to a selected profile Profile Manger Profile Setting The Profile Settings are used to set modify and display information about the profile selected in the Profile list section The information is divided into three tabs Network Info Security Protocol 3 2...

Page 17: ...ucture connects to an existing infrastructure network Ad Hoc Either connects to an existing Ad Hoc network of initiates a new Ad Hoc network Wireless Mode Auto Connects to an 802 11g network or to an 802 11b network 802 11g Connects to an 802 11g network or to an 802 11b network 802 11b Connects to an 802 11b network only Preferred Channel channel being used for an Ad Hoc network initiated by the ...

Page 18: ... Wireless Mode and Preferred Channel are used only when a new Ad Hoc network is initiated by the client card These two attributes are ignored when the client card is connected to an existing Ad Hoc network with the same desired SSID 3 2 2 Profile Setting Security Tab Clicking the Security tab displays the following security options Authentication Mode Encryption Method Security off WEP TKIP and AE...

Page 19: ...ion modes no key or a pre shared WEP key is required WPA PSK WPA Pre Shared Key WPA2 PSK WPA2 Pre Shared Key If Open System or Auto Switch is selected as Authentication Mode Security Off and WEP are available as Encryption Method If Shared Key is selected as Authentication Mode WEP is pre selected as Encryption Method For details on how to configure the WEP key s see Section 3 2 3 1 If WPA PSK or ...

Page 20: ...red Key and Auto Switch is identical 1 Click Configure WEP Keys The Configure WEP Key window is displayed For a detailed description of this window see the WEP Key Configuration Window Description on next page Figure 17 WEP Key Configuration Window 2 Select the required Key Format and Key Size 3 Enter the Transmit Key s Note Up to four WEP keys are supported The WEP key used for the transmission m...

Page 21: ...al digits Key Size 40 bit 5 characters ASCII key size 40 bit 10 hexadecimal digits 104 bit 13 characters ASCII key size 104 bit 26 hexadecimal digits Transmission Key Key Value Key to be used as transmit key the key value is in ASCII or hexadecimal depending on the format selected The key value size shown depends on the key size selected 3 2 3 2 WPA_PSK WPA2 PSK Figure 19 Security Tab WPA2 PSK wit...

Page 22: ...2 1X authentication modes 802 1X Open System with 802 1X Authentication EAP TLS PEAP EAP TTLS LEAP or EAP FAST WPA WPA with 802 1X Authentication EAP TLS PEAP EAP TTLS LEAP or EAP FAST WPA2 WPA2 with 802 1X Authentication EAP TLS PEAP EAP TTLS LEAP or EAP FAST For all 802 1X authentication modes CCX support can be enabled If 802 1X Open System is selected as Authentication Mode WEP is pre selected...

Page 23: ...ev V1 0 Confidential Copyright 2007 Marvell Page 23 Document Classification Proprietary Information December 28 2007 3 2 4 1 802 1X WPA WPA2 with EAP TLS Figure 20 Security Tab WPA2 with EAP TLS Use Certificate The definition of the EAP TLS authentication protocol for the authentication modes 802 1X WPS and WPA2 is identical 1 Select EAP TLS Use Certificate as 802 1X Authentication Protocol 2 Clic...

Page 24: ...__________________________ Doc No________ Rev V1 0 Confidential Copyright 2007 Marvell Page 24 Document Classification Proprietary Information December 28 2007 Figure 21 EAP TLS Use Certificate Configuration Window Client Authentication Tab 3 On the Client Authentication tab enter your Login Name 4 Click Browse Figure 22 Select Certificate Window Client Certificates ...

Page 25: ...If required certificate is not yet installed on your system or if you do not know which certificate to use contact your network administrator 6 Click Select to confirm your selection and to return to the EAP TLS Use Certificate window 7 If you want to specify particular server certificates to be accepted instead of accepting certificate sent by the server click the Server Authentication tab Figure...

Page 26: ...rtificate Store 11 From the Certificate in Store list click the certificate to be the server authentication Note If the required certificate is not you installed on your system or if you do not know which certificate to use contact your network administrator 12 Click Select to confirm your selection and to return to the EAP TLS Use Certificated window 13 If you have selected Accept certificates fr...

Page 27: ... Proprietary Information December 28 2007 15 If CCX compatibility is required select the Enable Cisco Compatibility Extensions CCX check box 16 Click Save to set the configuration 3 2 4 2 802 X WPA WPA2 with PEAP Figure 26 Security Tab WPA2 with PEAP The definition of the PEAP authentication protocol for the authentication modes 802 1X WPA and WPA2 is identical 1 Select Protected EAP PEAP as 802 1...

Page 28: ...7 Figure 27 PEAP Configuration Window Client Authentication Tab 3 On the Client Authentication tab enter your Login Name Password and Domain The domain information is identical 4 From the Inner EAP Protocol list select the EAP protocol to be used If required change the order of preference 5 If you have selected EAP GTC select the credentials to be used for login 6 If you want to specify particular...

Page 29: ...________ Doc No________ Rev V1 0 Confidential Copyright 2007 Marvell Page 29 Document Classification Proprietary Information December 28 2007 Figure 28 PEAP Configuration Window Server Authentication Tab 7 Select the required Server Validation Method 8 For Accept only trusted certificates or Accept certificates from trusted server domain click Add to select the appropriate certificate ...

Page 30: ...er Certificates 9 On the Select Certificate window select the Certificate Store 10 From the Certificate in Store list click the certificate to be the server authentication Note If the required certificate is not you installed on your system or if you do not know which certificate to use contact your network administrator 11 Click Select to confirm your selection and to return to the Protected EAP ...

Page 31: ...usted Domain or Server 13 Click OK to return to the Security tab of the Profile Settings 14 If CCX compatibility is required select the Enable Cisco Compatibility Extensions CCX check box 15 Click Save to set the configuration 3 2 4 3 802 1X WPA WPA2 with EAP TTLS Figure 31 Security Tab WPA2 with EAP TTLS The definition of the EAP TTLS authentication protocol for the authentication modes 802 1X WP...

Page 32: ...ht 2007 Marvell Page 32 Document Classification Proprietary Information December 28 2007 Figure 32 EAP TTLS Configuration Window Client Authentication Tab 3 On the Client Authentication tab enter your Anonymous Login Name Password and Domain The domain information is identical 4 If you want to specify particular server certificates to be accepted instead of accepting any certificate sent by the se...

Page 33: ...______ Doc No________ Rev V1 0 Confidential Copyright 2007 Marvell Page 33 Document Classification Proprietary Information December 28 2007 Figure 33 EAP TTLS Configuration Window Server Authentication Tab 5 Select the required Server Validation Method 6 For Accept only trusted certificates or Accept certificates from trusted server domain click Add to select the appropriate certificate ...

Page 34: ...r Certificates 7 On the Select Certificate window select the Certificate Store 8 From the Certificate in Store list click the certificate to be the server authentication Note If the required certificate is not you installed on your system or if you do not know which certificate to use contact your network administrator 9 Click Select to confirm your selection and to return to the EAP Tunneled TLS ...

Page 35: ...tication Trusted Domain or Server 11 Click OK to return to the Security tab of the Profile Settings 12 If CCX compatibility is required select the Enable Cisco Compatibility Extensions CCX check box 13 Click Save to set the configuration 3 2 4 4 802 1X WPA WPA2 with LEAP Figure 36 Security Tab WPA2 with LEAP The definition of the LEAP authentication protocol for the authentication modes 802 1X WPA...

Page 36: ...f required Login Name Password and Domain to be used for the client authentication Use Windows user name and password is only available if Enable single sign on is selected Note To enable single sign on administrator rights are required Using single sign on authentication for the first time requires a restart of your system after having saved the LEAP configuration 4 If required specify further se...

Page 37: ...onfidential Copyright 2007 Marvell Page 37 Document Classification Proprietary Information December 28 2007 3 2 4 5 802 1X WPA WPA2 with EAP FAST Figure 38 Security Tab WPA2 with EAP FAST The definition of the EAP FAST authentication protocol for the authentication modes 802 1X WPA and WPA2 is identical 1 Select EAP FAST as 802 1X Authentication Protocol 2 Click Configure The EAP FAST Configuratio...

Page 38: ...sword is only available if Enable single sign on is selected Note To enable single sign on administrator rights are required Using single sign on authentication for the first time requires a restart of your system after having saved the LEAP configuration 4 If automatic Protected Access Credential PAC provisioning is required select the Allow Automatic PAC Provisioning check box and enter the appr...

Page 39: ...ab The Protocol tab allows you to set or change the protocol information Figure 40 Protocol Tab Do not Change Settings If this check box is selected the protocol settings is not changed when the profile is applied Use below Settings If the Do not change setting check box is not selected the protocol settings include the following parameters Protocol Descriptions Power Save Mode Sets the power mode...

Page 40: ...g is Auto Select Fragment Threshold Sets the fragmentation threshold the size that packets are fragmented into for transmission The default setting is 2346 RTS CTS Threshold Sets the packet size at which the AP issues a Request To Send RTS or Clear To Send CTS frame before sending the packet The default setting is 2347 Reset Resets the protocol settings to their default values 3 3 Site Survey Tab ...

Page 41: ...play 802 11b Access Points selecting this check box displays all 802 11b APs within range 3 3 2 Site Survey List of Detected Stations This section reports information on the peer to peer Ad Hoc Stations or APs detected Figure 42 Site Survey List of Detected Stations List of Detected Stations Description Network SSID Network SSID label i e the Network Name The Network name is text string MAC Addres...

Page 42: ...Ad Hoc network WMM Wireless Multimedia Enhancements WMM supported by the detected device Network Type Type of environment connected to Ad Hoc or Infrastructure 3 3 3 Site Survey Filter Button Clicking the Filter button displays the Advanced Filter window Figure 43 Site Survey Advanced Filter window Network SSID Any SSID no specific SSID is used when scanning for available networks in the area Find...

Page 43: ...nnels Only Only the specified channel is scanned when searching for available networks in the area Scan Channel to Channels a range of channels are scanned when searching for available networks in the area 3 3 4 Site Survey Refresh Button To request a survey of the wireless networks in the area click Refresh 3 3 5 Site Survey Associate Button To establish a connection select an available network a...

Page 44: ...nection A signal in green indicates a good connection 3 4 2 Transmit Section The Transmit section displays the information on the packets sent Figure 45 Transmit Section Transmit Section Description Total Packet Reports the total number of packets transmitted Unicast Packet Reports the number of packets transmitted by the client that were destined for single network node Multicast Packet Reports t...

Page 45: ...successfully transmitted because the client card did not receive an acknowledgement within the specific period of time RTS Success Reports the number of attempts that were successful RTS Failure Reports the number of attempts that were not successful ACK Error Reports the number of unicast transmit attempts for which no acknowledgement was received 3 4 3 Receiver Section The Receive section displa...

Page 46: ...ification Proprietary Information December 28 2007 Receive Beacons Reports the number of beacons that received after association is established Beacon Loss Reports the number of missing beacons after association is established 3 4 4 Protocol Section The Protocol section displays the information on the protocol status Figure 47 Protocol Section Protocol Section Description Preamble Displays radio p...

Page 47: ... Page 47 Document Classification Proprietary Information December 28 2007 3 5 Advanced Tab The Advanced tab displays the advanced parameters available for the installed Marvell client card Figure 48 Advanced Tab window 3 5 1 Advanced Tab Marvell Wireless Card This section of the Advanced tab reports the type of Marvell client card installed 3 5 1 Advanced Tab Miscellaneous Figure 49 Miscellaneous ...

Page 48: ... loss auto configuration tries to establish a connection to the checked profiles in the Profile Manager window Enable WMM Select this check box to enable disable the Wireless Multimedia Enhancements WMM feature Boost Mode Select this check box to enable Wireless Provisioning Services WPS Worldwide Regulatory Domain Select this check box to set the regulatory domain DFS Mode Not available for b g d...

Page 49: ... Information December 28 2007 Figure 52 AutoLink Tab AutoLink complete TBD AutoLink is complete 3 7 Admin Tab The Admin tab allows you the import and export profiles Figure 53 Admin Tab 3 7 1 Admin Tab Import Profiles To import profile proceed as follows 1 Click Import Profiles 2 Select the path and filename of the profile 3 Click Open 3 7 2 Admin Tab Export Profiles To export profile proceed as f...

Page 50: ...ell Wireless Configuration Utility at system startup recommended 3 7 4 Admin Tab Stop Windows Wireless Zero Configuration Service When using the Marvell Wireless Configuration Utility Marvell recommends turning off the Windows Wireless Zero Configuration Service which is enabled by default Both utilities should not be used at the same time To turn off the Windows Wireless Zero Configuration Servic...

Page 51: ..._____________ ________________________________________________________________________ Doc No________ Rev V1 0 Confidential Copyright 2007 Marvell Page 51 Document Classification Proprietary Information December 28 2007 Figure 55 Wi Fi Tab The Marvell Wi Fi testing description details will be included later ...

Page 52: ...quency and safety standards The radio utilizes the following antennas 1 PIFA antenna with a maximum gain of 3 64 dBi A 1 2 USA Federal Communication Commission FCC This equipment has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of FCC Rules These limits are designed to provide reasonable protection against harmful interference in a residential in...

Page 53: ...he antennas listed below and having a maximum gain of 3 64 dBi Antennas not included in this list or having a gain greater than 3 64 dBi dB are strictly prohibited for use with this device The required antenna impedance is 50 ohms The radio utilizes the following antennas 1 PIFA antenna with a maximum gain of 3 64 dBi 2 Dipole antenna with a maximum gain of 2 7 dBi To reduce potential radio interf...

Page 54: ... that the following telecommunication equipment Manufacturer Marvell Semiconductor Inc Product Marvell Mini PCIe 802 11b g Wireless Client Card Model Type MC8687P Brand Marvell Semiconductor Inc is in conformity with all the provisions of the following EC directive s with meeting the related test standards 99 5 EC Radio Telecommunications Terminal Equipment Directive Article 10 5 Standard ETSI EN ...

Page 55: ...of Telecommunications Taiwan DHCP Dynamic Host Configuration Protocol DSPR DSP Research Inc Japan EAP Extensible Authentication Protocol EC European Community EIRP Equivalent lsotropically Radiated Power EMC Electromagnetic Compatibility EN European Standard ERM Electromagnetic compatibility and Radio spectrum Matters EWC Enhanced Wireless Consortium FAST Flexible Authentication via Secure Tunneli...

Page 56: ...rea Network RSS Radio Standards Specification RTS Request to Send SRRC State Radio Regulation Committee China SSID Service Set Identifier TCP IP Transmission Control Protocol Internet Protocol TKIP Temporal Key Integrity Protocol TLS Transport Layer Security TTLS Tunneled TLS WEP Wired Equivalent Privacy Wi Fi Wireless Fidelity IEEE 802 11 WLAN Wireless Local Area Network WMM Wireless Multimedia E...

Page 57: ...or recipient in the absence of appropriate U S government authorization agrees 1 Not to re export or release any such information consisting of technology software or source code controlled for national security reasons by the U S Export Control Regulation EAR to a national EAR Country Groups D 1 or E 2 2 Not to export the direct product of such technology or such software to EAR Country Groups D ...

Reviews:

No comments

Related manuals for MC8687P

Brand: Aastra Pages: 2

Network Video Recorders

Brand: e-Line Technology Pages: 34

RDX QuikStation 4

Brand: Tandberg Data Pages: 2

Brand: LORD Pages: 9

EK-Vector Radeon RX5700 + XT Backplate

Brand: ekwb Pages: 7

Brand: peplink Pages: 2

Brand: Garland Pages: 43

Enterasys Matrix 2G4082-25

Brand: Enterasys Pages: 58

Brand: Lanner Pages: 38

Brand: IEI Technology Pages: 2

Brand: Xantech Pages: 5

NVR41-4KS2 Series

Brand: Dahua Pages: 452

AH10EN-5A Series

Brand: Delta Pages: 132

Brand: UMAX Technologies Pages: 27

Brand: Net Optics Pages: 2

Brand: Data Translation Pages: 62

Brand: ZALMAN Pages: 9

Brand: Moxa Technologies Pages: 8

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands