Netgear WAG302v2 WAG302v2 Reference Manual - Page 35

Understanding WAG302v2 Wireless Security Options, Configuring Security Profiles - drivers

Get Netgear WAG302v2 - ProSafe Dual Band Wireless Access Point PDF manuals and user guides View all Netgear WAG302v2 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 35 highlights

NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual Understanding WAG302v2 Wireless Security Options Your wireless data transmissions can be received well beyond your walls by anyone with a compatible adapter. For this reason, use the security features of your wireless equipment. The WAG302v2 Wireless Access Point provides highly effective security features which are covered in detail in this chapter. Deploy the security features appropriate to your needs. There are several ways you can enhance the security of your wireless network: • Restrict Access Based on MAC address. You can restrict access to only trusted PCs so that unknown PCs cannot wirelessly connect to the WAG302v2. MAC address filtering adds an obstacle against unwanted access to your network, but the data broadcast over the wireless link is fully exposed. • Turn Off the Broadcast of the Wireless Network Name (SSID). If you disable broadcast of the SSID, only devices that have the correct SSID can connect. This nullifies the wireless network 'discovery' feature of some products such as Windows XP, but the data is still fully exposed to a determined person using specialized test equipment like wireless sniffers. • Use WEP. Wired Equivalent Privacy (WEP) data encryption provides data security. WEP Shared Key authentication and WEP data encryption will block all but the most determined eavesdropper. • Use IEEE 802.1x. IEEE 802.1x is the standard for passing the Extensible Authentication Protocol (EAP) over an 802.11 wireless network using a protocol called EAP Encapsulation Over LANs (EAPOL). This is a newer, more secure standard than Static WEP. • Use WPA, WPA-PSK, WPA2, or WPA2-PSK. Wi-Fi Protected Access (WPA and WPA2) data encryption provides data security. The very strong authentication along with dynamic per frame rekeying of WPA make it virtually impossible to compromise. Because this is a newer standard than the other security options, wireless device driver and software availability may be limited. Configuring Security Profiles You can configure up to eight unique security settings for each radio (802.11a and 802.11b/g) on the WAG302v2. Figure 2-7 shows the Security Profile Settings page. The options and procedures to configure security profiles on the 802.11a and 802.11b/g radios are the same. Basic Installation and Configuration v1.0, May 2006 2-13

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
NETGEAR ProSafe Dual Band Wireless Access Point WAG302v2 Reference Manual
Basic Installation and Configuration
2-13
v1.0, May 2006
Understanding WAG302v2 Wireless Security Options
Your wireless data transmissions can be received well beyond your walls by anyone with a
compatible adapter. For this reason, use the security features of your wireless equipment. The
WAG302v2 Wireless Access Point provides highly effective security features which are covered in
detail in this chapter. Deploy the security features appropriate to your needs.
There are several ways you can enhance the security of your wireless network:
Restrict Access Based on MAC address.
You can restrict access to only trusted PCs so that
unknown PCs cannot wirelessly connect to the WAG302v2. MAC address filtering adds an
obstacle against unwanted access to your network, but the data broadcast over the wireless link
is fully exposed.
Turn Off the Broadcast of the Wireless Network Name (SSID).
If you disable broadcast of
the SSID, only devices that have the correct SSID can connect. This nullifies the wireless
network ‘discovery’ feature of some products such as Windows XP, but the data is still fully
exposed to a determined person using specialized test equipment like wireless sniffers.
Use WEP.
Wired Equivalent Privacy (WEP) data encryption provides data security. WEP
Shared Key authentication and WEP data encryption will block all but the most determined
eavesdropper.
Use IEEE 802.1x.
IEEE
802.1x
is the standard for passing the Extensible Authentication
Protocol (
EAP
) over an 802.11 wireless network using a protocol called EAP Encapsulation
Over LANs (EAPOL). This is a newer, more secure standard than Static WEP.
Use WPA, WPA-PSK, WPA2, or WPA2-PSK.
Wi-Fi Protected Access (WPA and WPA2)
data encryption provides data security. The very strong authentication along with dynamic per
frame rekeying of WPA make it virtually impossible to compromise. Because this is a newer
standard than the other security options, wireless device driver and software availability may
be limited.
Configuring Security Profiles
You can configure up to eight unique security settings for each radio (802.11a and 802.11b/g) on
the WAG302v2.
Figure 2-7
shows the Security Profile Settings page. The options and procedures
to configure security profiles on the 802.11a and 802.11b/g radios are the same.