beautypg.com

Wep 128 and keyguard – Brocade Mobility Access Point System Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

Page 423

background image

Brocade Mobility Access Point System Reference Guide

413

53-1003100-01

6

Brocade recommends additional layers of security (beyond WEP 64) be enabled to minimize
the likelihood of data loss and security breaches. WEP enabled WLANs should be mapped to
an isolated VLAN with Firewall policies restricting access to hosts and suspicious network
applications.

WEP 128 and KeyGuard

Configuring WLAN Security

Wired Equivalent Privacy (WEP) is a security protocol specified in the IEEE Wireless Fidelity (Wi -Fi)
standard. WEP is designed to provide a WLAN with a level of security and privacy comparable to
that of a wired LAN.

KeyGuard is a Brocade encryption option used with legacy clients capable of supporting it. It closely
resembled WEP 128 in key structure.

WEP can be used with open, shared, MAC and 802.1 X EAP authentications. WEP is optimal for
WLANs supporting legacy deployments when also used with 802.1X EAP authentication to provide
user and device authentication and dynamic WEP key derivation and periodic key rotation. 802.1X
provides authentication for devices and also reduces the risk of a single WEP key being
deciphered. If 802.1X support is not available on the legacy device, MAC authentication should be
enabled to provide device level authentication.

WEP 128 and KeyGuard use a 104 bit key which is concatenated with a 24-bit initialization vector
(IV) to form the RC4 traffic key. WEP may be all a small-business user needs for the simple
encryption of wireless data. However, networks that require more security are at risk from a WEP
flaw. WEP is only recommended if there are client devices that are incapable of using higher forms
of security. The existing 802.11 standard alone offers administrators no effective method to
update keys.

WEP 128 or Keyguard provide a more robust encryption algorithm than WEP 64 by requiring a
longer key length and pass key. Thus, making it harder to hack through the replication of WEP keys.

To configure WEP 128 encryption on a WLAN:

1. Select the Configuration tab from the Web UI.

2. Select Wireless.

3. Select Wireless LANs to display a high level display of existing WLANs.

4. Select the Add button to create an additional WLAN, or select Edit to modify the properties of

an existing WLAN.

5. Select Security.

6. Select either the WEP 128 or Keyguard radio button from within the Select Encryption field.

The screen populates with the parameters required to define a WEP 128 or KeyGuard
configuration for the WLAN.

See also other documents in the category Brocade Computer Accessories: