SMC Networks SMC2552W-G2-17 User Manual

Radio Interface

6-63

6

• Wi-Fi Protected Access (WPA or WPA2)page 6-73

Both WEP and WPA security settings are configurable separately for each virtual
access point (VAP) interface. MAC address filtering, and RADIUS server settings
are global and apply to all VAP interfaces.

The security mechanisms that may be employed depend on the level of security
required, the network and management resources available, and the software
support provided on wireless clients.

A summary of wireless security considerations is listed in the following table.

Table 6-2. Wireless Security Considerations

Security

Mechanism

Client Support

Implementation Considerations

WEP

Built-in support on all 802.11g

devices

• Provides only weak security
• Requires manual key management

WEP over 802.1X Requires 802.1X client support

in system or by add-in software
(support provided in Windows

2000 SP3 or later and Windows

XP)

• Provides dynamic key rotation for improved WEP

security

• Requires configured RADIUS server
• 802.1X EAP type may require management of

digital certificates for clients and server

MAC Address

Filtering

Uses the MAC address of client

network card

• Provides only weak user authentication
• Management of authorized MAC addresses
• Can be combined with other methods for improved

security

• Optionally configured RADIUS server

WPA over 802.1X

Mode

Requires WPA-enabled system

and network card driver
(native support provided in

Windows XP)

• Provides robust security in WPA-only mode

(i.e., WPA clients only)

• Offers support for legacy WEP clients, but with

increased security risk (i.e., WEP authentication

keys disabled)

• Requires configured RADIUS server
• 802.1X EAP type may require management of

digital certificates for clients and server

WPA PSK Mode

Requires WPA-enabled system

and network card driver
(native support provided in

Windows XP)

• Provides good security in small networks
• Requires manual management of pre-shared key