D-Link DWL-1000AP [18/24] Managing security

D-Link DWL-1000AP [18/24] Managing security
10
Managing Security
Maintaining security in a wireless LAN environment is somewhat different from a wired
network, because the radio waves are not confined with the building. Eavesdropping or
unauthorized access from outside your building can be a serious threat.
There are three types of actions involved:
Protecting your data while it is transferred from one station to another. Encryption
techniques will be necessary in most environments (Data Privacy).
Control who can make use of the wireless network (Access Control).
Protecting your network configuration against tampering from both inside and
outside your organization (Secure Management).
Data Privacy An DWL-1000AP supports three different data privacy algorithms:
unencrypted data; standardized IEEE 802.11 WEP (based on a 40 bit
shared key), and No Wires Needed AirLock™ (based on automatically
generated 128 bit session keys).
Access
Control
The IEEE 802.11 standard allows for Access Control rules based on
the client station’s hardware address, and is fully implemented by the
DWL-1000AP. If AirLock™ is enabled, the hardware address is also
verified using cryptographic techniques. See the section on AirLock™
Security Architecture.
Secure
Management
The primary protection against tampering for any SNMP agent is the
Write Community String (WCS), which functions as a password for
network management commands. The WCS is sent over your network
in plain text, making it vulnerable to eavesdropping from within your
organization. The WCS is never sent over the radio, however.
If you want you can lock your Access Points. After being locked they
can no longer be managed via SNMP. Press the pinhole Reset switch
on the back-panel of the Access Point to unlock the Access Point.
Скачать