Appendix A: Summit Client Utility (SCU)
SCU Security Capabilities
WORKABOUT PRO
3
with Windows Mobile 6.1 User Manual
A
-5
A foundational element of the IEEE 802.11i WLAN security standard is IEEE 802.1X and a
critical application on a mobile device is an 802.1X supplicant. This supplicant provides an
interface between the radio and the operating system and supports the authentication and en-
cryption elements required for 802.11i, also known as Wi-Fi Protected Access 2 (WPA2), as
well as predecessors such as WPA and WEP. Summit software includes an integrated suppli-
cant that supports a broad range of security capabilities, including:
•
802.1X authentication using pre-shared keys or an EAP type, required for WPA2
and WPA.
•
Data encryption and decryption using WPA2 AES, WPA TKIP or WEP.
Common EAP types include:
•
EAP-TLS:
Uses the same technology as a follow-on to Secure Socket Layer (SSL). It
provides strong security, but relies on client certificates for user authentication.
•
PEAP:
Provides secure user authentication by using a TLS tunnel to encrypt EAP traf-
fic. Two different inner methods are used with PEAP:
•
EAP-MSCHAPV2, resulting in PEAP-MSCHAP: This is appropriate for use against
Windows Active Directory and domains.
•
EAP-GTC, resulting in PEAP-GTC: This is for authentication with one-time passwords
(OTPs) against OTP data bases such as SecureID.
•
LEAP:
Is an authentication method for use with Cisco WLAN access points. LEAP
does not require the use of server or client certificates. LEAP supports Windows Active
Directory and domains but requires the use of strong passwords to avoid vulnerability to
off-line dictionary attacks.
•
EAP-FAST:
Is a successor to LEAP and does not require strong passwords to protect
against off-line dictionary attacks. Like LEAP, EAP-FAST does not require the use of
server or client certificates and supports Windows Active Directory and domains.
SCU EAP Types
The following EAP types are supported by the integrated supplicant and can be configured
in SCU: PEAP-MSCHAP, PEAP-GTC, LEAP and EAP-FAST. With each of these four
types, if authentication credentials are not stored in the profile, you will be prompted to enter
credentials the first time the radio attempts to associate to an access point that supports
802.1X (EAP).
Consider the following when configuring one of the EAP types:
•
PEAP-GTC
: SCU supports static (login) passwords only.
Note: PEAP and EAP-TLS require the use of Windows facilities for the configuration
of digital certificates.
Summary of Contents for WORKABOUT PRO 7527C-G2
Page 4: ......
Page 18: ......
Page 20: ......
Page 25: ...1 3 2 The WORKABOUT PRO3 S Hand Held Figure 1 2 WORKABOUT PRO3 S with QWERTY Keyboard...
Page 76: ......
Page 140: ......
Page 262: ......
Page 266: ......
Page 302: ......
Page 304: ...286 WORKABOUT PRO 3 with Windows Mobile 6 1 User Manual 8 5 5 1 HHP5180 Imager Decode 318...
Page 348: ......
Page 352: ......
Page 374: ......
Page 434: ......