LANCOM OAP
-
54
-
1 Wireless – LANCOM OAC
-
54
-
1 Wireless
Chapter 4: Security settings
39
EN
4.1.4
Encryption of the data transfer
A special role comes up to the encryption of data transfer for Wireless LANs.
For IEEE 802.11 radio transfer the supplementing encryption standards are
802.11i/WPA and WEP. The function of the encryption is to ensure the security
level of cable-bound LANs also in Wireless LANs.
Use encryption on the data transferred in the WLAN. Activate the stron-
gest possible encryption available to you ((802.11i with AES, WPA or WEP)
and enter the appropriate keys or passphrases into the access point and
the WLAN clients.
Regularly change the WEP keys in your access points. The passphrases for
802.11i or WPA do not have to be changed regularly as new keys are
generated for each connection anyway. This is not the only reason that the
encryption with 802.11i/AES or WPA/TKIP is so much more secure than
the now aged WEP method.
If the data is of a high security nature, you can further improve the encryp-
tion by additionally authenticating the client with the 802.1x method or
activate an additional encryption of the WLAN connection as used for VPN
tunnels ('IPSec over WLAN'). In special cases, a combination of these two
mechanisms is possible.
Further details to WLAN security and the used encoding methods can
be found in the LCOS reference manual.
4.1.5
802.1x / EAP
The international industry standard IEEE 802.1x and the
E
xtensible
A
uthenti-
cation
P
rotocol (EAP) enables the realization of reliable and secure access
controls for base stations. The access data is centrally administered on a
RADIUS server then, and can be retrieved by the base station if required.
Moreover, this technology makes enables a secured dispatch and a regular
automatic change of WEP keys. In this way IEEE 802.1x improves the protec-
tion efforts of WEP.
In Windows XP the IEEE-802.1x technology is already integrated by default.
For other operating systems 802.1x client software is available.
The drivers for the LANCOM AirLancer wireless cards already feature an inte-
grated 802.1x client.