Cisco WVC2300 Administration Guide - Page 14

while RADIUS stands for Remote Authentication Dial-In User Service. This type - user guide

Get Cisco WVC2300 - Small Business Wireless-G Internet Video Camera PDF manuals and user guides
UPC - 745883579617
View all Cisco WVC2300 manuals
Add to My Manuals
Save this manual to your list of manuals

Page 14 highlights

Planning Your Wireless Network Security Threats Facing Wireless Networks 2 Most wireless networking devices will give you the option of broadcasting the SSID. While this option may be more convenient, it allows anyone to log into your wireless network. This includes hackers. So, don't broadcast the SSID. Wireless networking products come with a default SSID set from the factory. (The Cisco default SSID is "ciscosb".) Hackers know these defaults and can check these against your network. Change your SSID to something unique and not something related to your company or the networking products you use. Change your SSID regularly so that any hackers who have gained access to your wireless network will have to start from the beginning in trying to break in. MAC Addresses. Enable MAC Address filtering. MAC Address filtering allows you to provide access to only those wireless nodes with certain MAC Addresses. This makes it harder for a hacker to access your network with a random MAC Address. WEP Encryption. Wired Equivalent Privacy (WEP) is often looked upon as a cure-all for wireless security concerns. This is overstating WEP's ability. Again, this can only provide enough security to make a hacker's job more difficult. There are several ways that WEP can be maximized: • Use the highest level of encryption possible • Use "Shared Key" authentication • Change your WEP key regularly WPA/WPA2 Personal. WPA stands for Wi-Fi Protected Access, which is a security standard stronger than WEP encryption. A network encrypted with WPA/WPA2 is more secure than a network encrypted with WEP, because WPA/WPA2 uses dynamic key encryption. To protect the information as it passes over the airwaves, you should enable the highest level. WPA/WPA Enterprise. Enterprise refers to using RADIUS server for authentication, while RADIUS stands for Remote Authentication Dial-In User Service. This type of authentication requires some advanced expertise because it involves setting up a RADIUS server for authentication and, in some cases, creation of certificates for both the RADIUS server and the camera. If you are using WPA/WPA2 Enterprise security, you will need to upload security certificates to the camera. Certificates must be in the following format: • Root certificate: DER encoded binary x.509 (CER/PEM) • User certificate: Personal Information Exchange (PKCS#12(.PFX)) Cisco PVC2300 and WVC2300 Internet Video Cameras with Audio Administration Guide 7

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
Planning Your Wireless Network
Security Threats Facing Wireless Networks
Cisco PVC2300 and WVC2300 Internet Video Cameras with Audio Administration Guide
7
2
Most wireless networking devices will give you the option of broadcasting the
SSID. While this option may be more convenient, it allows anyone to log into your
wireless network. This includes hackers. So, don’t broadcast the SSID.
Wireless networking products come with a default SSID set from the factory. (The
Cisco default SSID is “ciscosb”.) Hackers know these defaults and can check
these against your network. Change your SSID to something unique and not
something related to your company or the networking products you use.
Change your SSID regularly so that any hackers who have gained access to your
wireless network will have to start from the beginning in trying to break in.
MAC Addresses.
Enable MAC Address filtering. MAC Address filtering allows you
to provide access to only those wireless nodes with certain MAC Addresses. This
makes it harder for a hacker to access your network with a random MAC Address.
WEP Encryption.
Wired Equivalent Privacy (WEP) is often looked upon as a cure-all
for wireless security concerns. This is overstating WEP’s ability. Again, this can
only provide enough security to make a hacker’s job more difficult. There are
several ways that WEP can be maximized:
Use the highest level of encryption possible
Use “Shared Key” authentication
Change your WEP key regularly
WPA/WPA2 Personal.
WPA stands for Wi-Fi Protected Access, which is a security
standard stronger than WEP encryption. A network encrypted with WPA/WPA2 is
more secure than a network encrypted with WEP, because WPA/WPA2 uses
dynamic key encryption. To protect the information as it passes over the airwaves,
you should enable the highest level.
WPA/WPA Enterprise
. Enterprise refers to using RADIUS server for authentication,
while RADIUS stands for Remote Authentication Dial-In User Service. This type of
authentication requires some advanced expertise because it involves setting up a
RADIUS server for authentication and, in some cases, creation of certificates for
both the RADIUS server and the camera.
If you are using WPA/WPA2 Enterprise security, you will need to upload security
certificates to the camera. Certificates must be in the following format:
Root certificate: DER encoded binary x.509 (CER/PEM)
User certificate: Personal Information Exchange (PKCS#12(.PFX))