WG103 ProSafe 802.11g Wireless Access Point Reference Manual
3-2
Wireless Security
v1.0, February 2009
There are several ways you can enhance the security of your wireless network:
•
Use Multiple BSSIDs combined with VLANs
. You can configure combinations of VLANS
and BSSIDs with stronger or less restrictive access security according to your requirements.
For example, visitors could be given wireless Internet access but be excluded from any access
to your internal network. For information about how to configure BSSIDs, see
“Creating and
Editing Security Profiles” on page 3-5
.
•
Restrict Access based by MAC address
. You can allow only trusted PCs to connect so that
unknown PCs cannot wirelessly connect to the wireless access point. Restricting access by
MAC address adds an obstacle against unwanted access to your network, but the data
broadcast over the wireless link is fully exposed. For information about how to restrict access
by MAC address, see
“Restricting Wireless Access by MAC Address” on page 3-14
.
•
Turn off the broadcast of the wireless network name (SSID)
. If you disable broadcast of the
SSID, only devices that have the correct SSID can connect. This nullifies the wireless network
discovery feature of some products, such as Windows XP, but the data is still exposed. For
information about how to turn of broadcast of the SSID, see
“Creating and Editing Security
Profiles” on page 3-5
.
•
WEP
. Wired Equivalent Privacy (WEP) data encryption provides data security. WEP Shared
Key authentication and WEP data encryption block all but the most determined eavesdropper.
This data encryption mode has been superseded by WPA-PSK and WPA2-PSK. For
information about how to configure WEP, see
“Configuring WEP” on page 3-10
.
Figure 3-1