Avaya Wireless AP-3 User Manual

Security

4-102 Avaya Wireless AP-3 User’s Guide

WPA provides the following new security measures not available with
WEP:

• Improved packet encryption using the Temporal Key Integrity

Protocol (TKIP) and the Michael Message Integrity Check (MIC).

• Per-user, per-session dynamic encryption keys:

— Each client uses a different key to encrypt and decrypt unicast

packets exchanged with the AP

— A client's key is different for every session; it changes each

time the client associates with an AP

— The AP uses a single global key to encrypt broadcast packets

that are sent to all clients simultaneously

— Encryption keys change periodically based on the Re-keying

Interval parameter

— WPA uses 128-bit encryption keys

• Dynamic Key distribution

— The AP generates and maintains the keys for its clients

— The AP securely delivers the appropriate keys to its clients

• Client/server mutual authentication

— 802.1x

— Pre-shared key (for networks that do not have an 802.1x

solution implemented)