Chapter 2. Installation and Configuration
|
17
ProSafe Wireless-N Access Point WNAP320 Reference Manual
Understanding WNAP320 Wireless Security Options
Anyone wih a compatible wireless adapter can recieve your wireless data transmissions well
beyond your walls. For this reason, use the security features of your wireless equipment. The
access point provides highly effective security features, which are covered in detail in this
chapter. Deploy the security features appropriate to your needs.
Figure 1.
There are several ways you can enhance the security of your wireless network:
•
Restrict access based on MAC address
. You can restrict access to only trusted PCs so
that unknown PCs cannot wirelessly connect to the access point. MAC address filtering
adds an obstacle against unwanted access to your network, but the data broadcast over
the wireless link is fully exposed.
•
Turn off the broadcast of the wireless network name (SSID)
. If you disable broadcast
of the SSID, only devices that have the correct SSID can connect. This nullifies the
wireless network “discovery” feature of some products such as Windows XP, but the data
is still fully exposed to a determined snoop using specialized test equipment like wireless
sniffers.
•
Use WEP
. Wired Equivalent Privacy (WEP) data encryption provides data security. WEP
open authentication and WEP data encryption will block all but the most determined
eavesdropper.
•
Use WPA or WPA-PSK, WPA2, or WPA2-PSK
. Wi-Fi Protected Access (WPA) data
encryption provides data security. The very strong authentication along with dynamic per
frame rekeying of WPA make it virtually impossible to compromise. Because this is a new
standard, wireless device driver and software availability might be limited.
Note:
WEP and TKIP provide only legacy (slower) rates of operation.
AES encryption is recommended in order to use the 11n rates and
speed. See