beautypg.com

1 encryption, 2 authentication, 3 restricted access – ZyXEL Communications 802.11g Wireless Access Point ZyXEL G-560 User Manual

Page 67: 4 hide g-560 identity, 6 wep overview, 1 data encryption, 1 data encryption 6.6.2 authentication

background image

ZyXEL G-560 User’s Guide

Chapter 6 Wireless Screens

67

6.5.1 Encryption

• Use WPA(2) security if you have WP(2)A-aware wireless clients and a RADIUS server.

WPA(2) has user authentication and improved data encryption over WEP.

• Use WPA(2)-PSK if you have WPA(2)-aware wireless clients but no RADIUS server.
• If you don’t have WPA(2)-aware wireless clients, then use WEP key encrypting. A

higher bit key offers better security at a throughput trade-off. You can use the passphrase
feature to automatically generate WEP keys or manually enter WEP keys.

6.5.2 Authentication

Use a RADIUS server with WPA or IEEE 802.1x key management protocol.

See the appendix for information on protocols used when a client authenticates with a
RADIUS server via the G-560.

6.5.3 Restricted Access

The MAC Filter screen allows you to configure the AP to give exclusive access to devices
(Allow Association) or exclude them from accessing the AP (Deny Association).

6.5.4 Hide G-560 Identity

If you hide the ESSID, then the G-560 cannot be seen when a wireless client scans for local
APs. The trade-off for the extra security of “hiding” the G-560 may be inconvenience for some
valid WLAN clients. If you don’t hide the ESSID, at least you should change the default one.

6.6 WEP Overview

WEP (Wired Equivalent Privacy) as specified in the IEEE 802.11 standard provides methods
for both data encryption and wireless station authentication.

6.6.1 Data Encryption

WEP provides a mechanism for encrypting data using encryption keys. Both the AP and the
wireless stations must use the same WEP key to encrypt and decrypt data. Your G-560 allows
you to configure up to four 64-bit, 128-bit or 256-bit WEP keys, but only one key can be
enabled at any one time.

6.6.2 Authentication

Three different methods can be used to authenticate wireless stations to the network: Open
System, Shared and Auto. The following figure illustrates the steps involved.

See also other documents in the category ZyXEL Communications Hardware: