Compaq nc6000 Wireless Security - Page 5

Wi-Fi Protected Access


Vendor Solutions for WEP Vulnerability

Other security measures

Hiding the SSID
Hiding the Service Set Identifier (SSID) is not a valid security measure. Because management frames on 802.11 wireless LANs are always sent in the clear, this mode of operation does not provide adequate security.

Limiting the RF propagation
Limiting propagation is hard, although it is possible in certain environments.
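
The point about hidden SSIDs above can be checked from a site-survey capture. The following is an added example, not part of the original HP document: it walks the tagged elements of unencrypted 802.11 management frames and reports, for each access point whose beacon carries an empty SSID, the network name that other management frames for the same BSSID still expose. The frames, addresses and the name "corp-wlan" are constructed sample values, and the helper `build` zeroes the fixed fields for brevity.

```python
# Added illustration; the frames below are constructed, not captured traffic.
FIXED_LEN = {0: 4, 2: 10, 4: 0, 5: 12, 8: 12}   # bytes of fixed fields per mgmt subtype
NAMES = {0: "assoc-req", 2: "reassoc-req", 4: "probe-req", 5: "probe-resp", 8: "beacon"}
HDR_LEN = 24                                     # 802.11 management MAC header

def parse_mgmt(frame: bytes):
    """Return (subtype name, BSSID, SSID bytes), or None if not applicable."""
    if len(frame) < HDR_LEN:
        return None
    ftype, subtype = (frame[0] >> 2) & 0x3, frame[0] >> 4
    if ftype != 0 or subtype not in FIXED_LEN:
        return None                              # not a management frame we handle
    bssid = frame[16:22].hex(":")                # address 3
    pos = HDR_LEN + FIXED_LEN[subtype]
    while pos + 2 <= len(frame):                 # walk the tagged elements
        eid, elen = frame[pos], frame[pos + 1]
        value = frame[pos + 2:pos + 2 + elen]
        if len(value) < elen:
            return None                          # truncated element
        if eid == 0:                             # element ID 0 = SSID, unencrypted
            return NAMES[subtype], bssid, value
        pos += 2 + elen
    return None

def audit(frames):
    """Map each BSSID whose beacon hides the SSID to the name seen in other frames."""
    hidden, seen = set(), {}
    for f in frames:
        parsed = parse_mgmt(f)
        if parsed is None:
            continue
        name, bssid, ssid = parsed
        if len(ssid) == 0 or not any(ssid):      # empty or all-NUL SSID = "hidden"
            if name == "beacon":
                hidden.add(bssid)
        else:
            seen.setdefault(bssid, ssid.decode("utf-8", "replace"))
    return {b: seen.get(b) for b in hidden}

def build(subtype, ssid, bssid=bytes.fromhex("02aabbccdd01")):
    """Construct a minimal sample management frame (hypothetical helper)."""
    sta = bytes.fromhex("02aabbccdd99")
    hdr = bytes([subtype << 4, 0, 0, 0]) + bssid + sta + bssid + b"\x00\x00"
    return hdr + bytes(FIXED_LEN[subtype]) + bytes([0, len(ssid)]) + ssid + b"\x01\x01\x82"

SAMPLE = [build(8, b""), build(0, b"corp-wlan"), build(5, b"corp-wlan")]

if __name__ == "__main__":
    print(audit(SAMPLE))
```

A result of `None` for a BSSID means only that no client associated or probed during the capture window, not that the name is protected.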

Wi-Fi Protected Access

Fortunately, the Wi-Fi Protected Access (WPA) subset of the 802.11i solution is available to address the vulnerabilities in WEP key access, until the full 802.11i solution, driven by the industry, is available. WPA was developed expressly to increase the level of security for new wireless LANs, and manage existing solutions with software or firmware updates. This solution targets all known WEP vulnerabilities and is forward compatible with the upcoming 802.11i standard. This is a robust security solution with the following features:

• Implements 802.1X EAP (Extensible Authentication Protocol) based authentication to enforce mutual authentication.
• Applies Temporal Key Integrity Protocol (TKIP) on existing RC4 WEP to impose strong data encryption for key management.
• Enhanced Message Integrity (using Michael Message Integrity Check).

The table below lists the advantages and issues of WPA in comparison to WEP:

Advantages
• Uses dynamic keys in TKIP for better key management.
• Supports mutual authentication for stronger network access control. Previous methods authenticated the device, but not the source, which was less secure.
• Supports better authentication technologies such as 802.1X, EAP, RADIUS and pre-shared key.
• Imposes data integrity through Integrity Check.
• Forward compatibility with 802.11i.

Issues
• There are still potential encryption weaknesses in TKIP. It would be possible to crack the system, but it would be very difficult.
• Slight performance degradation, mainly due to more complex and computation-intensive authentication and encryption protocols. However, with enhancement of hardware and introduction of 802.11g and 802.11a, we are gaining greater performance.