D-Link DWL-2200AP Инструкция по эксплуатации онлайн [68/192] 41488

D-Link DWL-2200AP Инструкция по эксплуатации онлайн [68/192] 41488
68
IEEE 802.1x mode supports a
variety of authentication
methods, like certificates,
Kerberos, and public key
authentication with a RADIUS
server.
You have a choice of using the
D-Link DWL-2210AP
embedded RADIUS server or
an external RADIUS server.
The embedded RADIUS
server supports Protected
EAP (PEAP) and MSCHAP V2.
IEEE 802.1x provides
dynamically-
generated keys that
are periodically
refreshed.
There are different
Unicast keys for
each station.
An RC4 stream cipher is used to
encrypt the frame body and cyclic
redundancy checking (CRC) of
each 802.11 frame.
Key Management Encryption Algorithm User Authentication
Recommendations
IEEE 802.1x mode is a better choice than Static WEP because keys are dynamically
generated and changed periodically. However, the encryption algorithm used is the same
as that of Static WEP and is therefore not as reliable as the more advanced encryption
methods such as TKIP and CCMP (AES) used in Wi-Fi Protected Access (WPA).
Additionally, compatibility issues may be cumbersome because of the variety of
authentication methods supported and the lack of a standard implementation method.
Therefore, IEEE 802.1x mode is not as secure a solution as Wi-Fi Protected Access
(WPA). If, you cannot use WPA because some of your client stations do not have WPA,
then a better solution than using IEEE 802.1x mode is to use WPA with RADIUS
mode instead and check the “Allow non-WPA IEEE 802.1x clients” checkbox to
allow non-WPA clients. This way, you get the benefit of IEEE 802.1x key management
for non-WPA clients along with even better data protection of TKIP and CCMP (AES) key
management and encryption algorithms for your WPA clients.
See Also
For information on how to configure IEEE 802.1x security mode, see “IEEE 802.1x”
under “Configuring Security Settings” in this manual.
When to Use WPA with RADIUS
Wi-Fi Protected Access (WPA) with Remote Authentication Dial-In User Service
(RADIUS) is a Wi-Fi Alliance subset of IEEE 802.11i, which includes Temporal Key
Integrity Protocol (TKIP), Counter mode/CBC-MAC Protocol (CCMP), and Advanced
Encryption Standard (AES) mechanisms. This mode requires the use of a RADIUS
server to authenticate users. WPA with RADIUS provides the best security available for
wireless networks.
Configuring Security

Содержание

Скачать