Apple MC340LL User Guide - Page 13

Wi-Fi Protected Access (WPA), LEAP Support


Chapter 2: AirPort Security, page 13

LEAP Support

The Lightweight Extensible Authentication Protocol (LEAP) is a security protocol used
by Cisco access points to dynamically assign a different WEP key to each user. AirPort
Extreme is compatible with Cisco’s LEAP security protocol, enabling users to join
Cisco-hosted wireless networks using LEAP.

Wi-Fi Protected Access (WPA)

There has been increasing concern about the vulnerabilities of WEP. In response, the
Wi-Fi Alliance, in conjunction with the IEEE, has developed a strongly enhanced,
interoperable security standard called Wi-Fi Protected Access (WPA).

WPA is a specification that brings together standards-based, interoperable security
mechanisms that strongly increase the level of data protection and access control for
wireless LANs. WPA provides wireless LAN users with a high level of assurance that their
data remains protected and that only authorized network users can access the
network. A wireless network that uses WPA requires that all computers that access the
wireless network have WPA support. It provides a high level of data protection and
(when used in Enterprise mode) requires user authentication.

The main standards-based technologies that comprise WPA include Temporal Key
Integrity Protocol (TKIP), 802.1X, Message Integrity Check (MIC), and Extensible
Authentication Protocol (EAP).

TKIP provides enhanced data encryption, including the frequency with which keys are
used to encrypt the wireless connection. 802.1X and EAP provide the ability to
authenticate individual users on the wireless network.

802.1X is a port-based network access control method for wired as well as wireless
networks. The IEEE adopted 802.1X as a standard in August 2001.

The Message Integrity Check (MIC) is designed to prevent an attacker from capturing
data packets, altering them, and resending them. The MIC provides a strong
mathematical function in which the receiver and the transmitter each compute and
then compare the MIC. If they do not match, the data is assumed to have been
tampered with and the packet is dropped. If multiple MIC failures occur, the network
may initiate counter-measures.

The EAP protocol known as TLS (Transport Layer Security) handles the presentation of a
user’s credentials in the form of digital certificates. A user’s digital certificates can
comprise user names and passwords, smart cards, secure IDs, or any other identity
credentials that the IT administrator is comfortable using. WPA uses a wide variety of
standards-based EAP implementations, including EAP-Transport Layer Security
(EAP-TLS), EAP-Tunnel Transport Layer Security (EAP-TTLS), and Protected Extensible
Authentication Protocol (PEAP).
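
The MIC paragraph above describes a receiver that recomputes the MIC, drops packets whose MIC does not match, and reacts to repeated failures. The following added example (not part of the Apple guide) shows that logic in Python using Michael, the MIC function TKIP uses. Assumptions: the MIC covers only a constructed payload (real TKIP also covers the addresses and priority), the threshold of two failures within 60 seconds and the 60-second block follow the IEEE 802.11 TKIP countermeasure rule rather than anything stated on this page, and `MicReceiver` and `demo` are illustrative names.

```python
import hmac
import struct

def _rol(v, n):
    return ((v << n) | (v >> (32 - n))) & 0xFFFFFFFF

def michael(key: bytes, msg: bytes) -> bytes:
    """Michael, the MIC function TKIP uses: 8-byte key in, 8-byte MIC out."""
    l, r = struct.unpack("<II", key)
    padded = msg + b"\x5a" + b"\x00" * 4
    padded += b"\x00" * (-len(padded) % 4)       # pad to a 32-bit boundary
    for (m,) in struct.iter_unpack("<I", padded):
        l ^= m
        r ^= _rol(l, 17)
        l = (l + r) & 0xFFFFFFFF
        r ^= ((l & 0xFF00FF00) >> 8) | ((l & 0x00FF00FF) << 8)   # byte swap in each half
        l = (l + r) & 0xFFFFFFFF
        r ^= _rol(l, 3)
        l = (l + r) & 0xFFFFFFFF
        r ^= _rol(l, 30)                          # rotate right by 2
        l = (l + r) & 0xFFFFFFFF
    return struct.pack("<II", l, r)

class MicReceiver:
    """Recompute the MIC, drop on mismatch, count failures in a time window."""
    def __init__(self, key, limit=2, window=60.0):   # assumed 802.11 TKIP values
        self.key, self.limit, self.window = key, limit, window
        self.failures, self.blocked_until = [], 0.0

    def receive(self, payload, mic, now):
        if now < self.blocked_until:
            return "blocked"
        if hmac.compare_digest(michael(self.key, payload), mic):
            return "accepted"
        self.failures = [t for t in self.failures if now - t < self.window] + [now]
        if len(self.failures) < self.limit:
            return "dropped"
        self.failures, self.blocked_until = [], now + self.window
        return "countermeasures"

def demo():
    key = bytes.fromhex("0123456789abcdef")          # constructed sample key
    rx = MicReceiver(key)
    good, bad = b"constructed payload", b"constructed pAyload"
    mic = michael(key, good)                         # what the transmitter appends
    times = [(good, 0.0), (bad, 1.0), (bad, 100.0), (bad, 110.0), (good, 120.0), (good, 171.0)]
    return [rx.receive(p, mic, t) for p, t in times]

if __name__ == "__main__":
    print(demo())
```

The failure at t=1 has aged out of the 60-second window by t=100, so countermeasures start only when a second failure follows at t=110, and even valid packets are refused until the block ends.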