White Paper. Overview of WLAN Security Functions WLAN Access Point. WLAN Security Functions Release 01 06/10. Technical Support

Size: px
Start display at page:

Download "White Paper. Overview of WLAN Security Functions WLAN Access Point. WLAN Security Functions Release 01 06/10. Technical Support"

Transcription

1 White Paper Overview of WLAN Access Point Technical Support

2 The naming of copyrighted trademarks in this manual, even when not specially indicated, should not be taken to mean that these names may be considered as free in the sense of the trademark and tradename protection law and hence that they may be freely used by anyone Hirschmann Automation and Control GmbH Manuals and software are protected by copyright. All rights reserved. The copying, reproduction, translation, conversion into any electronic medium or machine scannable form is not permitted, either in whole or in part. An exception is the preparation of a backup copy of the software for your own use. For devices with embedded software, the end-user license agreement on the enclosed CD applies. The performance features described here are binding only if they have been expressly agreed when the contract was made. This document was produced by Hirschmann Automation and Control GmbH according to the best of the company's knowledge. Hirschmann reserves the right to change the contents of this document without prior notice. Hirschmann can give no guarantee in respect of the correctness or accuracy of the information in this document. Hirschmann can accept no responsibility for damages, resulting from the use of the network components or the associated operating software. In addition, we refer to the conditions of use specified in the license contract. You can get the latest version of this manual on the Internet at the Hirschmann product site (www.hirschmann-ac.de). Printed in Germany Hirschmann Automation and Control GmbH Stuttgarter Str Neckartenzlingen Germany Tel.:

3 1 Overview of WLAN security functions The increasingly widespread use of WLAN technology has led to higher demands on security mechanisms to protect the transmitted data from interception by unauthorised persons. Data in a WLAN are transmitted through the air which makes the control and limitation of access to the data far more difficult that with cabled LAN. Advancements have been made since the early days of the IEEE and recent years have seen the development of new functions and standards for the protection of modern WLANs. WLAN security mechanisms generally aim to fulfill the following functions: Authentication Only authorized users should have access to the WLAN and should connect only to their designated access points. Integrity The transmitted data should arrive at the receiver in their original form; manipulated data must be recognized as such and rejected. Confidentiality Unauthorized third parties should not be able to intercept the data traffic. This techpaper provides an overview of the security functions provided by the Hirschmann access points and the Hirschmann wireless routers. Further information about the underlying technology is available from other techpapers; concrete details about configuring the functions in the models are available in the reference manual for the respective version of LCOS. It is recommended that you utilise all of the available security mechanisms for the protection of your wireless networks. You should regularly update the firmware of your devices so that you can use all of the available security functions. 3

4 1.1 WEP64/128/ WEP64/128/152 WEP (Wired Equivalent Privacy) is the function incorporated in the original WLAN standard for the encryption of transmitted data. The primary aim of WEP is the protection of the data from unauthorized interception. This made use of symmetrical keys of various lengths. Embedded in the standard are the basic encryption methods WEP64 and WEP128 which ensure compatibility to all standard client adapters available on the mar The access points and routers also support encryption with WEP152 which makes use of an even longer key. WEP can provide a basic level of encryption that protects the network from unauthorised snoopers. Hackers are at least presented with a slight hurdle that complicates the interception of data. WLANs protected only by WEP are easily "cracked" by experts, so this method can only be recommended for home use whereby the WEP key needs to be changed regularly. Note: More information about WEP is available in the Hirschmann whitepaper "WPA and IEEE i". 4

5 1.2 MAC filter list (ACL) 1.2 MAC filter list (ACL) A simple yet effective method for authentication is the use of a MAC address filter. The MAC addresses of authorised client adapters are entered into a list (ACL Access Control List) in the access point which then only permits WLAN access to authorised users. For larger installations, the ACL can be centrally administered by a RADIUS server. Since an experienced hacker can get around the limitations set by an ACL, this method should not be used as the sole security mechanism. Note: Instructions for setting the ACL are to be found in the LCOS reference manual. 5

6 1.3 Closed Network 1.3 Closed Network Each cell in a wireless network is identified by a network name, the SSID (Service Set Identifier). A client adapter can only connect to a wireless network if it is programmed with the SSID. The factory settings for many wireless networks use the SSID "any", the continued use of which would relieve a potential intruder of the need to find out the wireless LANs SSID. This can be prevented with the Closed Network function. This excludes the option of registering with the SSID "any", each user must know the SSID exactly to be able to log onto the WLAN. Note: Instructions for setting up the Closed Network function are available in the LCOS reference manual. 6

7 1.4 SSID broadcast 1.4 SSID broadcast Access points announce the presence of the available wireless networks by transmitting the SSID. Potential intruders benefit from this public announcement that offers a first step towards entering a WLAN; they can search at random for wireless networks by "scanning" the environment. The SSID broadcast can be suppressed to prevent unauthorised users from finding a network by scanning. The name of the WLAN network will no longer appear in the scanner software's results list. Sophisticated scanning tools are still able to find out the SSID, however. Since these tools do not belong to the standard equipment for WLAN clients, the suppression of the SSID broadcast does present an additional hurdle to intrusion in to the WLAN network. It is not possible to suppress SSID broadcasting in wireless networks that operate with the IEEE a standard. Note: Instructions for supressing the SSID broadcast are available in the LCOS reference manual. 7

8 1.5 WPA & IEEE i 1.5 WPA & IEEE i The WEP data encryption implemented in the IEEE standard has been demonstrated as insufficient for protecting wireless LANs from professional attacks. WPA and IEEE i are significantly improved encryption methods that are now available that address these known security loopholes and offer reliable protection from attack for your wireless networks. Note: More information about WPA and IEEE i is available in the Hirschmann whitepaper "WPA and IEEE i". Instructions for setting up this encryption is available in the LCOS reference manual WPA WPA uses an improved, software-based encryption method to close the security loopholes in WEP. In particular, the dynamic key portion (initial vector) is no longer transmitted unencrypted and, with its 48 bits, is twice as long as with WEP. Further, WPA changes the key regularly so that true session keys are available even without a RADIUS server. WPA in combination with IEEE 802.1x also offers the option of authentication in corporate networks. 8

9 1.5 WPA & IEEE i IEEE i When the hardware-accelerated AES-CCK encryption algorithm is used in combination with IEEE i, an even higher level of encryption than WPA can be achieved which is comparable with VPN. This comes with no loss in performance thanks to the hardware acceleration in the access points and wireless routers. The maximum bandwidth (e. g. up to 108 Mbps in turbo mode) can be used to the full IEEE i with passphrase A simple way of encrypting a WLAN connection with IEEE i in a small network is to set up a "passphrase" for each wireless network. This is entered directly into the access point and client adapter. This passphrase serves as a basis for the calculation of the encryption key per connection and time space for a WLAN connection. Ideally, the passphrases should be as long and as complex as possible, available only to the relevant persons, and should be changed regularly. The weak link is the 'human' factor in the distribution and management of the passphrase. Regular changes in the passphrase and as complex a structure as possible are recommended to address this weakness. Note: Encryption with passphrase according to IEEE i is available with LCOS version 3.50 and higher. 9

10 1.5 WPA & IEEE i IEEE i for point-to-point connections The introduction of IEEE i means that, for the first time, point-to-point (P2P) connections can be directly encrypted; additional protection from VPN is no longer necessary. The hardware acceleration in the Schneider Electric croducts carries out this encryption without loss of performance. Note: Encryption with passphrase according to IEEE i for P2P connections is available with LCOS version 4.00 and higher. 10

11 1.6 IPSec over WLAN 1.6 IPSec over WLAN When using a VPN gateway in the access point, an alternative to IEEE i for encrypting WLAN connections is IPSec. This method is also suitable for making point-to-point connections absolutely secure from attack. Mastering this complex technology is made easy with the devices. Wizards and management tools help with fast configuration. Note: The BSI (the German Federal Office for Information Security) still recommends IPSec via WLAN as the most secure method of WLAN protection. Note: The protection via IPsec over WLAN is available for the Hirschmann devices 18x1 Wireless (A)DSL and 3550 Wireless. 11

12 1.7 IEEE 802.1x 1.7 IEEE 802.1x The protocol IEEE 802.1x in combination with IEEE i in large networks offers the possibility to carry out an authentication of every single WLAN connection. The exchange of keys or passphrases is unnecessary for this. Advanced knowledge of networking is a requirement for establishing IEEE x infrastructure, as is a CA server and an IEEE 802.1x server. This makes this application most realistic for larger company networks. Note: Further information about IEEE 802.1x can be found in the Hirschmann whitepaper "IEEE 802.1x". Note: Encryption with IEEE i with IEEE 802.1x is available with LCOS version 3.52 and higher. 12

13 1.8 Public Spot 1.8 Public Spot The Public Spot Option enables authentication within a WLAN network. Unlike IEEE 802.1x there is no subsequent encryption of the connection, however. The Public Spot Option is thus suited to monitoring the utilisation, for charging, and for surveillance. The Public Spot Option is simple to implement even in small networks as further servers are not necessary. This option can be expanded to almost any extent in combination with a RADIUS server and external accounting software. 13

14 1.9 LEPS 1.9 LEPS With LEPS (LANCOM Enhanced Passphrase Security), Hirschmann has developed an efficient method that makes use of the simple configuration of IEEE i with passphrase, but that avoids the potential error sources in passphrase distribution. LEPS uses an additional column in the ACL to assign an individual passphrase consisting of any 4 to 64 ASCII characters to each MAC address. The connection to the access point and the subsequent encryption with IEEE i or WPA is only possible with the right combination of passphrase and MAC address. This combination makes the spoofing of the MAC addresses futile and LEPS thus shuts out a potential attack on the ACL. If WPA or IEEE i are used for encryption, the MAC address can indeed be intercepted but this method never transmits the passphrase over wireless. This greatly increases the difficulty of attacking the WLAN as the combination of MAC address and passphrase requires both to be known before an encryption can be negotiated. LEPS can be used both locally in the device and centrally managed with a RADIUS server. LEPS works with all WLAN client adapters available on the market without any modification. Full compatibility to third-party products is assured as LEPS only involves configuration in the access point. An additional security aspect: LEPS can also be used to secure single pointto-point (P2P) connections with an individual passphrase. Even if an access point in a P2P installation is stolen and the passphrase and MAC address become known, all other WLAN connections secured by LEPS remain secure, particularly when the ACL is stored on a RADIUS server. Note: The setup of individual passphrases per MAC address is available as of LCOS version

15 1.10 MultiSSID 1.10 MultiSSID MultiSSID enables up to eight logical WLAN networks to operate on just one physical WLAN interface each with its own SSID. This method allows one single access point to support multiple WLAN networks, each with different security settings. This means that a single access point can simultaneously support one WLAN that is completely open and another that is protected with IEEE i, for example. Note: The deployment of MultiSSID is available with LCOS versions 3.42 and later. Note: Further information about MultiSSID can be found in the Hirschmann whitepaper "MultiSSID". 15

16 1.11 VLAN 1.11 VLAN Virtual networks (VLANs) enable the security measures for logical WLANs to be "extended" into the cabled network. This involves the assignment of each logical wireless network to a certain virtual network. Data traffic from particularly security sensitive wireless networks can be protected from eavesdroppers within the normal LAN as well. 16

17 Further support A Further support Technical questions and training courses In the event of technical queries, please contact your local Hirschmann distributor or Hirschmann office. You can find the addresses of our distributors on the Internet: Our support line is also at your disposal: Tel Fax Answers to Frequently Asked Questions can be found on the Hirschmann internet site (www.hirschmann-ac.com) at the end of the product sites in the FAQ category. The current training courses to technology and products can be found under Hirschmann Competence Center In the long term, excellent products alone do not guarantee a successful customer relationship. Only comprehensive service makes a difference worldwide. In the current global competition scenario, the Hirschmann Competence Center is ahead of its competitors on three counts with its complete range of innovative services: Consulting incorporates comprehensive technical advice, from system evaluation through network planning to project planing. Training offers you an introduction to the basics, product briefing and user training with certification. Support ranges from the first installation through the standby service to maintenance concepts. With the Hirschmann Competence Center, you have decided against making any compromises. Our client-customized package leaves you free to choose the service components you want to use. Internet: 17

18

White Paper. Multi-SSID WLAN Access Point. Multi SSID Release 01 06/10. Technical Support HAC.Support@Belden.com

White Paper. Multi-SSID WLAN Access Point. Multi SSID Release 01 06/10. Technical Support HAC.Support@Belden.com White Paper Multi-SSID WLAN Access Point Release 01 06/10 Technical Support HAC.Support@Belden.com The naming of copyrighted trademarks in this manual, even when not specially indicated, should not be

More information

Industrial Communication. Securing Industrial Wireless

Industrial Communication. Securing Industrial Wireless Industrial Communication Whitepaper Securing Industrial Wireless Contents Introduction... 3 Wireless Applications... 4 Potential Threats... 5 Denial of Service... 5 Eavesdropping... 5 Rogue Access Point...

More information

Configuring Wireless Security on ProSafe wireless routers (WEP/WPA/Access list)

Configuring Wireless Security on ProSafe wireless routers (WEP/WPA/Access list) Configuring Wireless Security on ProSafe wireless routers (WEP/WPA/Access list) Hackers can easily trap information transmitted over wireless network, it has to be encrypted to avoid unauthorized users

More information

Nokia E90 Communicator Using WLAN

Nokia E90 Communicator Using WLAN Using WLAN Nokia E90 Communicator Using WLAN Nokia E90 Communicator Using WLAN Legal Notice Nokia, Nokia Connecting People, Eseries and E90 Communicator are trademarks or registered trademarks of Nokia

More information

White Paper. Wireless LAN Security. Copyright Madge Limited. All rights reserved.

White Paper. Wireless LAN Security. Copyright Madge Limited. All rights reserved. White Paper Wireless LAN Security Copyright 2002-2003 Madge Limited. All rights reserved. 1 Introduction As wireless LANs become widely deployed, and the business benefits become clear, concern has grown

More information

Chapter 1 Introduction

Chapter 1 Introduction Chapter 1 Introduction This chapter describes the features of the NETGEAR ProSafe 802.11g Wireless VPN Firewall, Model FVG318. Key Features of the VPN Firewall Router The ProSafe 802.11g Wireless VPN Firewall

More information

DATA SECURITY 1/12. Copyright Nokia Corporation 2002. All rights reserved. Ver. 1.0

DATA SECURITY 1/12. Copyright Nokia Corporation 2002. All rights reserved. Ver. 1.0 DATA SECURITY 1/12 Copyright Nokia Corporation 2002. All rights reserved. Ver. 1.0 Contents 1. INTRODUCTION... 3 2. REMOTE ACCESS ARCHITECTURES... 3 2.1 DIAL-UP MODEM ACCESS... 3 2.2 SECURE INTERNET ACCESS

More information

MN-700 Base Station Configuration Guide

MN-700 Base Station Configuration Guide MN-700 Base Station Configuration Guide Contents pen the Base Station Management Tool...3 Log ff the Base Station Management Tool...3 Navigate the Base Station Management Tool...4 Current Base Station

More information

9 Simple steps to secure your Wi-Fi Network.

9 Simple steps to secure your Wi-Fi Network. 9 Simple steps to secure your Wi-Fi Network. Step 1: Change the Default Password of Modem / Router After opening modem page click on management - access control password. Select username, confirm old password

More information

United States Trustee Program s Wireless LAN Security Checklist

United States Trustee Program s Wireless LAN Security Checklist United States Trustee Program s Wireless LAN Security Checklist In support of a standing trustee s proposed implementation of Wireless Access Points (WAP) in ' 341 meeting rooms and courtrooms, the following

More information

Chapter 3 Safeguarding Your Network

Chapter 3 Safeguarding Your Network Chapter 3 Safeguarding Your Network The RangeMax NEXT Wireless Router WNR834B provides highly effective security features which are covered in detail in this chapter. This chapter includes: Choosing Appropriate

More information

Chapter 2 Configuring Your Wireless Network and Security Settings

Chapter 2 Configuring Your Wireless Network and Security Settings Chapter 2 Configuring Your Wireless Network and Security Settings This chapter describes how to configure the wireless features of your DG834N RangeMax TM NEXT Wireless ADSL2+ Modem Router. For a wireless

More information

Particularities of security design for wireless networks in small and medium business (SMB)

Particularities of security design for wireless networks in small and medium business (SMB) Revista Informatica Economică, nr. 4 (44)/2007 93 Particularities of security design for wireless networks in small and medium business (SMB) Nicolae TOMAI, Cluj-Napoca, Romania, tomai@econ.ubbcluj.ro

More information

Self Help Guide IMPORTANT! Securing Your Wireless Network. This Guide refers to the following Products: Please read the following carefully; Synopsis:

Self Help Guide IMPORTANT! Securing Your Wireless Network. This Guide refers to the following Products: Please read the following carefully; Synopsis: IMPORTANT! This Guide refers to the following Products: Securing Your Wireless Network Please read the following carefully; Synopsis: This Guide is designed to help you if you have a Wireless Network that

More information

The next generation of knowledge and expertise Wireless Security Basics

The next generation of knowledge and expertise Wireless Security Basics The next generation of knowledge and expertise Wireless Security Basics HTA Technology Security Consulting., 30 S. Wacker Dr, 22 nd Floor, Chicago, IL 60606, 708-862-6348 (voice), 708-868-2404 (fax), www.hta-inc.com

More information

Deploying secure wireless network services The Avaya Identity Engines portfolio offers flexible, auditable management for secure wireless networks.

Deploying secure wireless network services The Avaya Identity Engines portfolio offers flexible, auditable management for secure wireless networks. Table of Contents Section 1: Executive summary...1 Section 2: The challenge...2 Section 3: WLAN security...3 and the 802.1X standard Section 4: The solution...4 Section 5: Security...4 Section 6: Encrypted

More information

Legacy 802.11 Security

Legacy 802.11 Security Legacy 802.11 Security Contents Authentication Open System Authentication Shared Key Authentication Wired Equivalent Privacy (WEP) Encryption Virtual Private Networks (VPNs) Point-to-Point Tunneling Protocol

More information

LCOS 9.10 Feature Notes

LCOS 9.10 Feature Notes Feature Notes Page 1 www.lancom.de The LANCOM firmware LCOS and the respective managements tools (LCMS) regularly provide new functionalities for current LANCOM routers, access points, and gateways free

More information

Network Connections and Wireless Security

Network Connections and Wireless Security Network Connections and Wireless Security This chapter explains how to use your Wireless Adapter to connect to your Wireless Local Area Network (WLAN) and how to set up wireless security for the Wireless

More information

Wireless Network Security. Pat Wilbur Wireless Networks March 30, 2007

Wireless Network Security. Pat Wilbur Wireless Networks March 30, 2007 Wireless Network Security Pat Wilbur Wireless Networks March 30, 2007 Types of Attacks Intrusion gain unauthorized access to a network in order to use the network or Internet connection Types of Attacks

More information

Network Security Best Practices

Network Security Best Practices CEDIA WHITE PAPER Network Security Best Practices 2014 CEDIA TABLE OF CONTENTS 01 Document Scope 3 02 Introduction 3 03 Securing the Router from WAN (internet) Attack 3 04 Securing the LAN and Individual

More information

Configuring Security Solutions

Configuring Security Solutions CHAPTER 3 This chapter describes security solutions for wireless LANs. It contains these sections: Cisco Wireless LAN Solution Security, page 3-2 Using WCS to Convert a Cisco Wireless LAN Solution from

More information

TECHNICAL NOTE REFERENCE DOCUMENT. Improving Security for Axis Products. Created: 4 October 2007. Last updated: 11 October 2007. Rev: 1.

TECHNICAL NOTE REFERENCE DOCUMENT. Improving Security for Axis Products. Created: 4 October 2007. Last updated: 11 October 2007. Rev: 1. TECHNICAL NOTE REFERENCE DOCUMENT Improving Security for Axis Products Created: 4 October 2007 Last updated: 11 October 2007 Rev: 1.0 TABLE OF CONTENTS 1 INTRODUCTION 3 2 BEST-PRACTICE SECURITY POLICIES

More information

Lecture 10: Virtual LANs (VLAN) and Virtual Private Networks (VPN)

Lecture 10: Virtual LANs (VLAN) and Virtual Private Networks (VPN) Lecture 10: Virtual LANs (VLAN) and Virtual Private Networks (VPN) Prof. Shervin Shirmohammadi SITE, University of Ottawa Prof. Shervin Shirmohammadi CEG 4185 10-1 Virtual LANs Description: Group of devices

More information

If security were all that mattered, computers would never be turned on, let alone hooked into a network with literally millions of potential intruders. Dan Farmer, System Administrators Guide to Cracking

More information

N300 WiFi Range Extender

N300 WiFi Range Extender Model EX2700 User Manual July 2014 202-11395-01 350 East Plumeria Drive San Jose, CA 95134 USA Support Thank you for selecting NETGEAR products. After installing your device, locate the serial number on

More information

INFORMATION TECHNOLOGY MANAGEMENT COMMITTEE LIVINGSTON, NJ WWW.LIVINGSTONNJ.ORG ITMC TECH TIP ROB COONCE, MARCH 2008

INFORMATION TECHNOLOGY MANAGEMENT COMMITTEE LIVINGSTON, NJ WWW.LIVINGSTONNJ.ORG ITMC TECH TIP ROB COONCE, MARCH 2008 INFORMATION TECHNOLOGY MANAGEMENT COMMITTEE LIVINGSTON, NJ WWW.LIVINGSTONNJ.ORG What is wireless technology? ITMC TECH TIP ROB COONCE, MARCH 2008 In our world today, this may mean sitting down at a coffee

More information

...connecting your business. LANCOM UMTS/VPN Option. ❿ Mobile conference room ❿ Last mile ❿ UMTS backup

...connecting your business. LANCOM UMTS/VPN Option. ❿ Mobile conference room ❿ Last mile ❿ UMTS backup ...connecting your business LANCOM UMTS/VPN Option ❿ Mobile conference room ❿ Last mile ❿ UMTS backup LANCOM gives you more... The LANCOM UMTS/VPN option offers flexible working without compromise. Check

More information

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 6. Wireless Network Security

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 6. Wireless Network Security Security+ Guide to Network Security Fundamentals, Third Edition Chapter 6 Wireless Network Security Objectives Overview of IEEE 802.11 wireless security Define vulnerabilities of Open System Authentication,

More information

Security in Wireless Local Area Network

Security in Wireless Local Area Network Fourth LACCEI International Latin American and Caribbean Conference for Engineering and Technology (LACCET 2006) Breaking Frontiers and Barriers in Engineering: Education, Research and Practice 21-23 June

More information

Wireless Security Overview. Ann Geyer Partner, Tunitas Group Chair, Mobile Healthcare Alliance 209-754-9130 ageyer@tunitas.com

Wireless Security Overview. Ann Geyer Partner, Tunitas Group Chair, Mobile Healthcare Alliance 209-754-9130 ageyer@tunitas.com Wireless Security Overview Ann Geyer Partner, Tunitas Group Chair, Mobile Healthcare Alliance 209-754-9130 ageyer@tunitas.com Ground Setting Three Basics Availability Authenticity Confidentiality Challenge

More information

Wireless Networks. Welcome to Wireless

Wireless Networks. Welcome to Wireless Wireless Networks 11/1/2010 Wireless Networks 1 Welcome to Wireless Radio waves No need to be physically plugged into the network Remote access Coverage Personal Area Network (PAN) Local Area Network (LAN)

More information

Securing your Linksys Wireless Router BEFW11S4 Abstract

Securing your Linksys Wireless Router BEFW11S4 Abstract Securing your Linksys Wireless Router BEFW11S4 Abstract Current implementations of the 802.11b wireless LAN standards have several potential pitfalls for security. However, built in security mechanisms

More information

WLAN Authentication and Data Privacy

WLAN Authentication and Data Privacy WLAN Authentication and Data Privacy Digi Wi-Point 3G supports various Wi-Fi security options, including WEP-40/WEP-104 and WPA- PSK and WPA2-PSK. To configure WLAN security on DIGI WI-POINT 3G, you may

More information

Chapter 2 Wireless Settings and Security

Chapter 2 Wireless Settings and Security Chapter 2 Wireless Settings and Security This chapter describes how to set up the wireless features of your WGT624 v4 wireless router. In planning your wireless network, select a location for the wireless

More information

All vulnerabilities that exist in conventional wired networks apply and likely easier Theft, tampering of devices

All vulnerabilities that exist in conventional wired networks apply and likely easier Theft, tampering of devices Wireless Security All vulnerabilities that exist in conventional wired networks apply and likely easier Theft, tampering of devices Portability Tamper-proof devices? Intrusion and interception of poorly

More information

Virtual Access Points

Virtual Access Points Virtual Access Points Performance Impacts in an 802.11 environment and Alternative Solutions to overcome the problems By Thenu Kittappa Engineer Author: Thenu Kittappa Page 1 Virtual Access Points... 1

More information

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust

12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or

More information

THE IMPORTANCE OF CRYPTOGRAPHY STANDARD IN WIRELESS LOCAL AREA NETWORKING

THE IMPORTANCE OF CRYPTOGRAPHY STANDARD IN WIRELESS LOCAL AREA NETWORKING International Journal of Electronics and Communication Engineering & Technology (IJECET) Volume 6, Issue 9, Sep 2015, pp. 65-74, Article ID: IJECET_06_09_008 Available online at http://www.iaeme.com/ijecetissues.asp?jtype=ijecet&vtype=6&itype=9

More information

YO-301AP POE AP Datasheet

YO-301AP POE AP Datasheet YO-301AP POE AP Datasheet 300Mbps Wi-Fi Ceiling POE Access Point VER:1.0 Date:2013-06-03 1 Product Description: Practical and powerful The Ceiling PoE wireless access point for your home or office network

More information

Developing Network Security Strategies

Developing Network Security Strategies NETE-4635 Computer Network Analysis and Design Developing Network Security Strategies NETE4635 - Computer Network Analysis and Design Slide 1 Network Security Design The 12 Step Program 1. Identify network

More information

Best Practices for Outdoor Wireless Security

Best Practices for Outdoor Wireless Security Best Practices for Outdoor Wireless Security This paper describes security best practices for deploying an outdoor wireless LAN. This is standard body copy, style used is Body. Customers are encouraged

More information

Wi-Fi Protected Access: Strong, standards-based, interoperable security for today s Wi-Fi networks Wi-Fi Alliance April 29, 2003

Wi-Fi Protected Access: Strong, standards-based, interoperable security for today s Wi-Fi networks Wi-Fi Alliance April 29, 2003 Wi-Fi Protected Access: Strong, standards-based, interoperable security for today s Wi-Fi networks Wi-Fi Alliance April 29, 2003 2003 Wi-Fi Alliance. Wi-Fi is a registered trademark of the Wi-Fi Alliance

More information

GCSE Computing A451 Unit 6.1 Networks

GCSE Computing A451 Unit 6.1 Networks Candidates should be able to: a. Explain the advantages of networking stand-alone computers into a LAN b. Describe H/W needed to connect stand-alone computers into a LAN, including hub/switches, wireless

More information

ICAB4236B Build security into a virtual private network

ICAB4236B Build security into a virtual private network ICAB4236B Build security into a virtual private network Release: 1 ICAB4236B Build security into a virtual private network Modification History Not Applicable Unit Descriptor Unit descriptor This unit

More information

ISSM 533 Cryptology and Secure Network Communications Lab 4 WEP Encryption

ISSM 533 Cryptology and Secure Network Communications Lab 4 WEP Encryption ISSM 533 Cryptology and Secure Network Communications Lab 4 WEP Encryption Lab Objectives Implement two wireless networks using basic WEP encryption using 10 character static keys implemented on all machines

More information

Chapter 2 Introduction

Chapter 2 Introduction Chapter 2 Introduction This chapter describes the features of the NETGEAR 54 Mbps Wireless ADSL Modem Router Model DG834G. The Wireless ADSL Modem Router is a combination of a built-in ADSL modem, ADSL

More information

Configuring Your Network s Security

Configuring Your Network s Security Configuring Your Network s Security Security is an important issue when using a wireless home network. Because radio waves are used to transfer information between your networked computers, it's possible

More information

Overview. Summary of Key Findings. Tech Note PCI Wireless Guideline

Overview. Summary of Key Findings. Tech Note PCI Wireless Guideline Overview The following note covers information published in the PCI-DSS Wireless Guideline in July of 2009 by the PCI Wireless Special Interest Group Implementation Team and addresses version 1.2 of the

More information

Table of Contents. Cisco Wi Fi Protected Access 2 (WPA 2) Configuration Example

Table of Contents. Cisco Wi Fi Protected Access 2 (WPA 2) Configuration Example Table of Contents Wi Fi Protected Access 2 (WPA 2) Configuration Example...1 Document ID: 67134...1 Introduction...1 Prerequisites...1 Requirements...1 Components Used...2 Conventions...2 Background Information...2

More information

Go Wireless. Open up new possibilities for work and play

Go Wireless. Open up new possibilities for work and play Go Wireless Open up new possibilities for work and play Start with 3 pieces A typical home or small-office wireless LAN requires only 3 pieces of hardware. With these 3 pieces, you re ready to get started!

More information

ECB3500 2.4GHz Super G 108Mbps Access Point/Client Bridge/Repeater/WDS AP/

ECB3500 2.4GHz Super G 108Mbps Access Point/Client Bridge/Repeater/WDS AP/ Wireless Long Range Multi-function 7+1 AP ECB3500 2.4GHz Super G 108Mbps Access Point/Client Bridge/Repeater/WDS AP/ EIRP up to 2000mW WDS Bridge/Client Router/AP Router ECB3500 is a powerful, enhanced,

More information

IEEE 802.11a/ac/n/b/g Enterprise Access Points ECW5320 ECWO5320. Management Guide. www.edge-core.com. Software Release v2.0.0.1

IEEE 802.11a/ac/n/b/g Enterprise Access Points ECW5320 ECWO5320. Management Guide. www.edge-core.com. Software Release v2.0.0.1 IEEE 802.11a/ac/n/b/g Enterprise Access Points ECW5320 ECWO5320 Management Guide Software Release v2.0.0.1 www.edge-core.com Management Guide ECW5320 Indoor Enterprise Access Point IEEE 802.11a/ac/n/b/g

More information

Cisco Aironet Wireless Bridges FAQ

Cisco Aironet Wireless Bridges FAQ Cisco Aironet Wireless Bridges FAQ Document ID: 16041 Contents Introduction What is the Cisco Aironet Wireless Bridge? What are the different platforms of wireless bridges that Cisco offers? Where can

More information

Top 10 Security Checklist for SOHO Wireless LANs

Top 10 Security Checklist for SOHO Wireless LANs Introduction Corporations, government agencies, the military, and enterprises in fact all medium to large scale wireless LANs have a different set of security requirements compared to the wireless LAN

More information

Chapter 2 Introduction

Chapter 2 Introduction Chapter 2 Introduction This chapter describes the features of the NETGEAR DG834PN 108 Mbps RangeMax TM ADSL Modem Wireless Router. The DG834PN is a combination of a built-in ADSL modem, wireless router,

More information

WiFi Security Assessments

WiFi Security Assessments WiFi Security Assessments Robert Dooling Dooling Information Security Defenders (DISD) December, 2009 This work is licensed under a Creative Commons Attribution 3.0 Unported License. Table of Contents

More information

Recommended 802.11 Wireless Local Area Network Architecture

Recommended 802.11 Wireless Local Area Network Architecture NATIONAL SECURITY AGENCY Ft. George G. Meade, MD I332-008R-2005 Dated: 23 September 2005 Network Hardware Analysis and Evaluation Division Systems and Network Attack Center Recommended 802.11 Wireless

More information

Ebonyi State University Abakaliki 2 Department of Computer Science. Our Saviour Institute of Science and Technology 3 Department of Computer Science

Ebonyi State University Abakaliki 2 Department of Computer Science. Our Saviour Institute of Science and Technology 3 Department of Computer Science Security Measures taken in Securing Data Transmission on Wireless LAN 1 AGWU C. O., 2 ACHI I. I., AND 3 OKECHUKWU O. 1 Department of Computer Science Ebonyi State University Abakaliki 2 Department of Computer

More information

AC750 WiFi Range Extender

AC750 WiFi Range Extender Model EX6100 User Manual April 2014 202-11307-03 350 East Plumeria Drive San Jose, CA 95134 USA Support Thank you for selecting NETGEAR products. After installing your device, locate the serial number

More information

Chapter 2 Introduction

Chapter 2 Introduction Chapter 2 Introduction This chapter describes the features of the NETGEAR 54 Mbps ADSL Modem Wireless Router Model DG834G. The ADSL Modem Wireless Router is a combination of a built-in ADSL modem, modem

More information

EAP N Wall Mount Access Point / WDS AP / Universal Repeater

EAP N Wall Mount Access Point / WDS AP / Universal Repeater EAP9550 is a powerful and multi-functioned 11n Access Point and it can act three modes AP/WDS/Universal Repeater. Smoke detector appearance will minimize visibility. So this model can work properly at

More information

N300 WiFi Range Extender WN2000RPT User Manual

N300 WiFi Range Extender WN2000RPT User Manual N300 WiFi Range Extender WN2000RPT User Manual December 2013 202-11333-01 350 East Plumeria Drive San Jose, CA 95134 USA Support Thank you for selecting NETGEAR products. After installing your device,

More information

PCI Wireless Compliance with AirTight WIPS

PCI Wireless Compliance with AirTight WIPS A White Paper by AirTight Networks, Inc. 339 N. Bernardo Avenue, Suite 200, Mountain View, CA 94043 www.airtightnetworks.com 2013 AirTight Networks, Inc. All rights reserved. Introduction Although [use

More information

Configuring the WT-4 for Upload to a Computer (Infrastructure Mode)

Configuring the WT-4 for Upload to a Computer (Infrastructure Mode) Page 1 of 25 Configuring the WT-4 for Upload to a Computer (Infrastructure Mode) Windows 7 Configuring the WT-4 for Upload to a Computer (Infrastructure Mode) This document provides basic instructions

More information

Securing end devices

Securing end devices Securing end devices Securing the network edge is already covered. Infrastructure devices in the LAN Workstations Servers IP phones Access points Storage area networking (SAN) devices. Endpoint Security

More information

VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY. AUTHOR: Raúl Siles. Founder and Security Analyst at Taddong

VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY. AUTHOR: Raúl Siles. Founder and Security Analyst at Taddong VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY AUTHOR: Raúl Siles Founder and Security Analyst at Taddong Hello and welcome to Intypedia. Today we will talk about the exciting world of security

More information

Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1

Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1 Industrial Network Security for SCADA, Automation, Process Control and PLC Systems Contents 1 An Introduction to Industrial Network Security 1 1.1 Course overview 1 1.2 The evolution of networking 1 1.3

More information

BASIC INSTRUCTIONS TO CONFIGURE ZYXEL P8701T CPE USING THE WEB INTERFACE

BASIC INSTRUCTIONS TO CONFIGURE ZYXEL P8701T CPE USING THE WEB INTERFACE BASIC INSTRUCTIONS TO CONFIGURE ZYXEL P8701T CPE USING THE WEB INTERFACE 12/11/2012 Index 1 INTRODUCTION... 1-1 2 FACTORY DEFAULT SETTINGS... 2-1 3 CPE BASIC OPERATIONS... 3-1 3.1 PASSWORD MODIFICATION...

More information

DATA PROJECTOR XJ-A135/XJ-A145/XJ-A235/ XJ-A245

DATA PROJECTOR XJ-A135/XJ-A145/XJ-A235/ XJ-A245 DATA PROJECTOR XJ-A135/XJ-A145/XJ-A235/ XJ-A245 E Data Projector Wireless Function Guide Be sure to read the precautions in the User s Guide (Basic Operations) that comes with the Data Projector. Be sure

More information

Cisco Virtual Office Express

Cisco Virtual Office Express . Q&A Cisco Virtual Office Express Overview Q. What is Cisco Virtual Office Express? A. Cisco Virtual Office Express is a solution that provides secure, rich network services to workers at locations outside

More information

Achieving a FIPS Compliant Wireless Infrastructure with Intel Wireless Products. Solution Brief

Achieving a FIPS Compliant Wireless Infrastructure with Intel Wireless Products. Solution Brief Achieving a FIPS Compliant Wireless Infrastructure with Intel Wireless Products Legal Disclaimer This document is provided as is with no warranties whatsoever, including any warranty of merchantability,

More information

Security Awareness. Wireless Network Security

Security Awareness. Wireless Network Security Security Awareness Wireless Network Security Attacks on Wireless Networks Three-step process Discovering the wireless network Connecting to the network Launching assaults Security Awareness, 3 rd Edition

More information

Configure Workgroup Bridge on the WAP351

Configure Workgroup Bridge on the WAP351 Article ID: 5047 Configure Workgroup Bridge on the WAP351 Objective The Workgroup Bridge feature enables the Wireless Access Point (WAP) to bridge traffic between a remote client and the wireless LAN that

More information

Configuring the WT-4 for Upload to a Computer (Infrastructure Mode)

Configuring the WT-4 for Upload to a Computer (Infrastructure Mode) En Configuring the WT-4 for Upload to a Computer (Infrastructure Mode) Windows XP This document provides basic instructions on configuring the WT-4 wireless transmitter and a Windows XP Professional SP2

More information

SCADA SYSTEMS AND SECURITY WHITEPAPER

SCADA SYSTEMS AND SECURITY WHITEPAPER SCADA SYSTEMS AND SECURITY WHITEPAPER Abstract: This paper discusses some of the options available to companies concerned with the threat of cyber attack on their critical infrastructure, who as part of

More information

Wireless LANs and Healthcare: Understanding Security to Ensure Compliance with HIPAA

Wireless LANs and Healthcare: Understanding Security to Ensure Compliance with HIPAA : Understanding Security to Ensure Compliance with HIPAA Healthcare is a natural environment for wireless LAN solutions. With a large mobile population of doctors, nurses, physician s assistants and other

More information

Wireless Security. New Standards for 802.11 Encryption and Authentication. Ann Geyer 209-754-9130 ageyer@tunitas.com www.tunitas.

Wireless Security. New Standards for 802.11 Encryption and Authentication. Ann Geyer 209-754-9130 ageyer@tunitas.com www.tunitas. Wireless Security New Standards for 802.11 Encryption and Authentication Ann Geyer 209-754-9130 ageyer@tunitas.com www.tunitas.com National Conference on m-health and EOE Minneapolis, MN Sept 9, 2003 Key

More information

Quick Start Guide. WRV210 Wireless-G VPN Router with RangeBooster. Cisco Small Business

Quick Start Guide. WRV210 Wireless-G VPN Router with RangeBooster. Cisco Small Business Quick Start Guide Cisco Small Business WRV210 Wireless-G VPN Router with RangeBooster Package Contents WRV210 Router Ethernet Cable Power Adapter Product CD-ROM Quick Start Guide Welcome Thank you for

More information

Enabling Multiple Wireless Networks on RV320 VPN Router, WAP321 Wireless-N Access Point, and Sx300 Series Switches

Enabling Multiple Wireless Networks on RV320 VPN Router, WAP321 Wireless-N Access Point, and Sx300 Series Switches print email Article ID: 4941 Enabling Multiple Wireless Networks on RV320 VPN Router, WAP321 Wireless-N Access Point, and Sx300 Series Switches Objective In an ever-changing business environment, your

More information

NBG2105. User s Guide. Quick Start Guide. Wireless Mini Travel Router. Default Login Details. Version 1.00 Edition 1, 11/2012

NBG2105. User s Guide. Quick Start Guide. Wireless Mini Travel Router. Default Login Details. Version 1.00 Edition 1, 11/2012 NBG2105 Wireless Mini Travel Router Version 1.00 Edition 1, 11/2012 Quick Start Guide User s Guide LAN IP Address Default Login Details 192.168.1.1 (Router Mode) 192.168.1.2 (Other Modes) Passwordwww.zyxel.com

More information

WLAN Security Networking with Confidence

WLAN Security Networking with Confidence WLAN Security Networking with Confidence Introduction So you ve just installed a new wireless local area network (WLAN) in your small business or home. The access point is on and connected, the client

More information

WRE6505. User s Guide. Quick Start Guide. Wireless AC750 Range Extender. Default Login Details. Version 1.00 Edition 1, 4 2014

WRE6505. User s Guide. Quick Start Guide. Wireless AC750 Range Extender. Default Login Details. Version 1.00 Edition 1, 4 2014 WRE6505 Wireless AC750 Range Extender Version 1.00 Edition 1, 4 2014 2.4G 5G Quick Start Guide User s Guide Default Login Details LAN IP Address 192.168.1.2 User Name admin www.zyxel.com Password 1234

More information

WHITE PAPER. WEP Cloaking for Legacy Encryption Protection

WHITE PAPER. WEP Cloaking for Legacy Encryption Protection WHITE PAPER WEP Cloaking for Legacy TM Encryption Protection Introduction Wired Equivalent Privacy (WEP) is the encryption protocol defined in the original IEEE 802.11 standard for Wireless Local Area

More information

DATA PROJECTOR XJ-A146/XJ-A246/XJ-A256

DATA PROJECTOR XJ-A146/XJ-A246/XJ-A256 DATA PROJECTOR XJ-A146/XJ-A246/XJ-A256 E Data Projector Wireless Function Guide Be sure to read the precautions in the Setup Guide that comes with the Data Projector. Be sure to keep all user documentation

More information

Wireless Services. The Top Questions to Help You Choose the Right Wireless Solution for Your Business. www.megapath.com

Wireless Services. The Top Questions to Help You Choose the Right Wireless Solution for Your Business. www.megapath.com Wireless Services The Top Questions to Help You Choose the Right Wireless Solution for Your Business Get Started Now: 877.611.6342 to learn more. www.megapath.com Why Go Wireless? Today, it seems that

More information

Introduction. Quick Installation Guide. Section 1. Connecting the Router. Wireless N 3G / 3.5G Mobile Router. Model # AR660W3G

Introduction. Quick Installation Guide. Section 1. Connecting the Router. Wireless N 3G / 3.5G Mobile Router. Model # AR660W3G Introduction Quick Installation Guide Wireless N 3G / 3.5G Mobile Router Model # AR660W3G Congratulations on your purchase of AR660W3G Wireless N 3G/3.5G Mobile Router. This product is specifically designed

More information

Network Security. Tampere Seminar 23rd October 2008. Overview Switch Security Firewalls Conclusion

Network Security. Tampere Seminar 23rd October 2008. Overview Switch Security Firewalls Conclusion Network Security Tampere Seminar 23rd October 2008 1 Copyright 2008 Hirschmann 2008 Hirschmann Automation and and Control GmbH. Contents Overview Switch Security Firewalls Conclusion 2 Copyright 2008 Hirschmann

More information

Study on VLAN in Wireless Networks

Study on VLAN in Wireless Networks Study on VLAN in Wireless Networks Rajul Chokshi and Dr. Chansu Yu Department of Electrical and Computer Engineering Cleveland State University Cleveland, Ohio 44115 April 30, 2007 Abstract This technical

More information

NETGEAR ProSAFE WC7520 Wireless Controller

NETGEAR ProSAFE WC7520 Wireless Controller NETGEAR ProSAFE WC7520 Wireless Controller Confi guring Offi ce and Guest SSIDs Using a Layer 3 Switch on Separate Layer 3 Subnets APPLICATION NOTES INTRODUCTION Business environments are dynamic in nature,

More information

N300 WiFi Range Extender

N300 WiFi Range Extender Model WN3000RP User Manual September 2014 202-11409-01 350 East Plumeria Drive San Jose, CA 95134 USA Support Thank you for selecting NETGEAR products. After installing your device, locate the serial number

More information

Protecting Microsoft Internet Information Services Web Servers with ISA Server 2004

Protecting Microsoft Internet Information Services Web Servers with ISA Server 2004 Protecting Microsoft Internet Information Services Web Servers with ISA Server 2004 White Paper Published: June 2004 For the latest information, please see http://www.microsoft.com/isaserver/ Contents

More information

The Wireless LAN (Local Area Network) USB adapter can be operated in one of the two following networking configurations :

The Wireless LAN (Local Area Network) USB adapter can be operated in one of the two following networking configurations : SAGEM Wi-Fi 11g USB ADAPTER Quick Start Guide About this guide This Quick Start Guide describes how to install and operate your SAGEM Wi-Fi 11g USB ADAPTER. Please read this manual before you install the

More information

LW310V2 Sweex Wireless 300N Router

LW310V2 Sweex Wireless 300N Router LW310V2 Sweex Wireless 300N Router Please notice! On the included CD-ROM you will find the Setup Wizard. This easy install procedure will show you how to setup the router step-by-step. Do not expose the

More information

CS549: Cryptography and Network Security

CS549: Cryptography and Network Security CS549: Cryptography and Network Security by Xiang-Yang Li Department of Computer Science, IIT Cryptography and Network Security 1 Notice This lecture note (Cryptography and Network Security) is prepared

More information

WIRELESS SECURITY IN 802.11 (WI-FI ) NETWORKS

WIRELESS SECURITY IN 802.11 (WI-FI ) NETWORKS January 2003 January WHITE 2003 PAPER WIRELESS SECURITY IN 802.11 (WI-FI ) NETWORKS With the increasing deployment of 802.11 (or Wi-Fi) wireless networks in business environments, IT organizations are

More information

SpiderCloud E-RAN Security Overview

SpiderCloud E-RAN Security Overview SpiderCloud E-RAN Security Overview Excerpt for SpiderCloud Wireless, Inc. 408 East Plumeria Drive San Jose, CA 95134 USA -hereafter called SpiderCloud- Page 1 of 7 Table of Contents 1 Executive Summary...5

More information

642 552 Securing Cisco Network Devices (SND)

642 552 Securing Cisco Network Devices (SND) 642 552 Securing Cisco Network Devices (SND) Course Number: 642 552 Length: 1 Day(s) Course Overview This course is part of the training for the Cisco Certified Security Professional, Cisco Firewall Specialist,

More information

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security? 7 Network Security 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework 7.4 Firewalls 7.5 Absolute Security? 7.1 Introduction Security of Communications data transport e.g. risk

More information

Wireless Network Security

Wireless Network Security Wireless Network Security Bhavik Doshi Privacy and Security Winter 2008-09 Instructor: Prof. Warren R. Carithers Due on: February 5, 2009 Table of Contents Sr. No. Topic Page No. 1. Introduction 3 2. An

More information