Reference Manual for the NETGEAR ProSafe 802.11g Wireless Access Point WG102
3-4
v1.0, November 2005
Wireless Data Security Options
Your wireless data transmissions can be received well beyond your walls by anyone with a
compatible adapter. For this reason, use the security features of your wireless equipment. The
WG102 Access Point provides highly effective security features, which are covered in detail in
this chapter. Deploy the security features appropriate to your needs.
There are several ways you can enhance the security of your wireless network:
•
Use Multiple BSSIDs combined with VLANs.
You can configure combinations of VLANS
and BSSIDs with stronger or less restrictive access security according to your requirements.
For example, visitors could be given wireless Internet access but be excluded from any access
to your internal network.
•
Restrict Access Based on MAC address.
You can restrict access to only trusted PCs so that
unknown PCs cannot wirelessly connect to the WG102. MAC address filtering adds an
obstacle against unwanted access to your network, but the data broadcast over the wireless link
is fully exposed.
•
Turn Off the Broadcast of the Wireless Network Name (SSID).
If you disable broadcast of
the SSID, only devices that have the correct SSID can connect. This nullifies the wireless
network ‘discovery’ feature of some products such as Windows XP, but the data is still fully
exposed to a determined snoop using specialized test equipment like wireless sniffers.
•
Use WEP.
Wired Equivalent Privacy (WEP) data encryption provides data security. WEP
Shared Key authentication and WEP data encryption will block all but the most determined
eavesdropper.
Figure 3-1
1R6HFXULW\(DV\EXWQRVHFXULW\
0$&$FFHVV/LVW1RGDWDVHFXULW\
:(36HFXULW\EXWYXOQHUDEOH
:3$RU:3$36.9HU\VWURQJVHFXULW\
$XWR&HOO(QKDQFHG5)6HFXULW\
:LUHOHVV'DWD
6HFXULW\2SWLRQV
5DQJH8SWR)RRW5DGLXV
3:5
/$1
E
3UR6DIH:LUHOHVV$FFHVV3RLQW
02'(/
:*
:LUHOHVV/$1
WG102
