ProSafe Dual Band Wireless Access Point WAG102 Reference Manual (802.11a/g)
Basic Installation and Configuration
2-3
v2.0, September 2006
Understanding WAG102 Wireless Security Options
Your wireless data transmissions can be received well beyond your walls by anyone with a
compatible adapter. For this reason, use the security features of your wireless equipment. The
WAG102 Wireless Access Point provides highly effective security features, which are covered in
detail in this chapter. Deploy the security features appropriate to your needs.
Figure 2-1
There are several ways you can enhance the security of your wireless network:
•
Restrict Access Based on MAC address.
You can restrict access to only trusted PCs so that
unknown PCs cannot wirelessly connect to the WAG102. MAC address filtering adds an
obstacle against unwanted access to your network, but the data broadcast over the wireless link
is fully exposed.
•
Turn Off the Broadcast of the Wireless Network Name (SSID).
If you disable broadcast of
the SSID, only devices that have the correct SSID can connect. This nullifies the wireless
network “discovery” feature of some products such as Windows XP, but the data is still fully
exposed to a determined snoop using specialized test equipment like wireless sniffers.
•
Use WEP.
Wired Equivalent Privacy (WEP) data encryption provides data security. WEP
Shared Key authentication and WEP data encryption will block all but the most determined
eavesdropper.
•
Use WPA or WPA-PSK.
Wi-Fi Protected Access (WPA) data encryption provides data
security. The very strong authentication along with dynamic per frame rekeying of WPA make
it virtually impossible to compromise. Because this is a new standard, wireless device driver
and software availability may be limited.
.O3ECURITY%ASYBUTNOSECURITY
-!#!CCESS,IST.ODATASECURITY
7%03ECURITYBUTVULNERABLE
70!OR70!03+6ERYSTRONGSECURITY
:LUHOHVV'DWD
6HFXULW\2SWLRQV
5DQJH8SWR)RRW5DGLXV
3:5
/$1
B
0RO3AFE7IRELESS!CCESS0OINT
-/$%,
-%
:LUHOHVV/$1
WAG102