Cisco WAP200 Administration Guide - Page 57


Chapter 2: How it works
WPA1/WPA2
Wi-Fi Protected Access (WPA) is the Wi-Fi security standard that was developed to
replace WEP. It features improved data encryption and implements 802.1x to provide
user authentication.
WPA1 data encryption is handled by the Temporal Key Integrity Protocol (TKIP). It
addresses all known WEP weaknesses with a variety of important security
enhancements.
WPA2 provides AES/CCMP encryption for even stronger protection of the wireless data
stream.
Keys can be dynamically generated on a per-user basis at login via a RADIUS server. In
this case, user login information is also maintained on the RADIUS server. Key length
and key rotation interval are defined on the WAP-200.
WPA also features a special mode called Pre-Shared Keys. In this mode a single key is
defined for all user connections. This key is used for encryption only. This mode does
not provide user authentication (there is no username and password).
To use WPA, wireless client stations must install WPA client software.
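
Added example, not taken from the Cisco guide: how Pre-Shared Keys mode turns a passphrase into the single key that every station shares, which is why the mode cannot tell users apart. The PBKDF2 parameters come from IEEE 802.11i rather than from this page; the passphrase, SSID and station names are constructed sample values.

```python
import hashlib

ITERATIONS = 4096   # fixed by IEEE 802.11i for passphrase-based PSKs
KEY_BYTES = 32      # 256-bit pre-shared key

def derive_psk(passphrase: str, ssid: bytes) -> bytes:
    """Map a WPA passphrase to the 256-bit PSK: PBKDF2-HMAC-SHA1 salted with the SSID."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase must be 8 to 63 characters")
    if any(not 32 <= ord(ch) <= 126 for ch in passphrase):
        raise ValueError("passphrase must be printable ASCII")
    if not 1 <= len(ssid) <= 32:
        raise ValueError("SSID must be 1 to 32 bytes")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"), ssid,
                               ITERATIONS, KEY_BYTES)

def distinct_keys(stations: dict, ssid: bytes) -> int:
    """Count the different PSKs held by a set of stations on one SSID."""
    return len({derive_psk(p, ssid) for p in stations.values()})

# Constructed sample data: three users configured with the network's one passphrase.
SSID = b"IEEE"
STATIONS = {"alice-laptop": "password", "bob-phone": "password",
            "guest-tablet": "password"}

if __name__ == "__main__":
    print("PSK:", derive_psk("password", SSID).hex())
    # One key for everyone: the key identifies the network, not the user.
    print("distinct keys across stations:", distinct_keys(STATIONS, SSID))
    # The SSID is the salt, so renaming the network changes the derived key.
    print("same passphrase, other SSID:", derive_psk("password", b"IEEE-lab").hex())
```

Because every station derives the same key, removing one user's access in this mode means changing the passphrase on the WAP-200 and on every remaining client.
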
Do not broadcast wireless network name
You can disable the broadcast of the wireless network name. This forces client stations
to provide the correct network name to connect to the WAP-200. By assigning a unique
name to the wireless network, you can block access by unauthorized computers.
This feature can be used to create backup operation of the network in case of
equipment failure. For example, you could install two WAP-200s, each operating on a
different channel, within close proximity of one another. Each WAP-200 would
communicate with a different access controller. If one of the controllers goes down, the
service sensor will detect it and shut down the radio on the affected WAP-200. Client
stations connected to this WAP-200 will automatically be transferred to the other
WAP-200 with no interruption in service. This only works if both WAP-200s have the
same SSID.
To set up the service sensor, open the Security > Access controller page.
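
Added example, not taken from the Cisco guide: a check that the "Do not broadcast wireless network name" setting has taken effect, by reading the SSID element of a captured beacon frame body. The beacon bytes are constructed sample data, and treating a zero-length or all-null SSID element as "hidden" is an assumption based on common access point behaviour, not something this page states about the WAP-200.

```python
from __future__ import annotations

FIXED_FIELDS = 12   # timestamp (8) + beacon interval (2) + capability info (2)
SSID_ELEMENT = 0    # element ID of the SSID information element

def parse_elements(tagged: bytes) -> list[tuple[int, bytes]]:
    """Split tagged parameters into (element_id, data) pairs, rejecting truncation."""
    elements, offset = [], 0
    while offset < len(tagged):
        if offset + 2 > len(tagged):
            raise ValueError("truncated element header")
        eid, length = tagged[offset], tagged[offset + 1]
        data = tagged[offset + 2 : offset + 2 + length]
        if len(data) != length:
            raise ValueError("truncated element body")
        elements.append((eid, data))
        offset += 2 + length
    return elements

def ssid_state(beacon_body: bytes) -> tuple[str, str | None]:
    """Return ("broadcast", name) or ("hidden", None) for one beacon frame body."""
    if len(beacon_body) < FIXED_FIELDS:
        raise ValueError("beacon body shorter than its fixed fields")
    for eid, data in parse_elements(beacon_body[FIXED_FIELDS:]):
        if eid != SSID_ELEMENT:
            continue
        if len(data) > 32:
            raise ValueError("SSID element longer than 32 bytes")
        # A suppressed name appears as a zero-length element or as all-null bytes.
        if not any(data):
            return ("hidden", None)
        return ("broadcast", data.decode("utf-8", errors="replace"))
    raise ValueError("beacon carries no SSID element")

def make_beacon(ssid_field: bytes) -> bytes:
    """Build a constructed beacon body: fixed fields, SSID, supported rates, channel 6."""
    fixed = bytes(8) + (100).to_bytes(2, "little") + (0x0011).to_bytes(2, "little")
    rates = bytes([1, 4, 0x82, 0x84, 0x8B, 0x96])
    channel = bytes([3, 1, 6])
    return fixed + bytes([SSID_ELEMENT, len(ssid_field)]) + ssid_field + rates + channel

if __name__ == "__main__":
    for label, field in [("named", b"office-wlan"), ("empty", b""), ("nulls", bytes(11))]:
        print(label, ssid_state(make_beacon(field)))
```
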