Netgear WAC120 Reference Manual - Page 22

802.11ac Wireless Access Point Model WAC120 - WEP and TKIP provide only legacy (slower) rates of operation. NETGEAR recommends AES encryption so that you can use the 11n rates and speed. For more information, see Wireless Security Profiles on page 22. • Connect stations manually. When you initiate a WPS connection, you provide a short window of two minutes for a WPS-capable wireless client to join your network. Once the connection is made, the intruder can learn your wireless security settings and rejoin your network at a later time. For more information, see Connect Stations to the Wireless Access Point on page 26. • Keep watch over your wireless network. Regularly monitor the wireless stations that are allowed to connect to your access point and make sure that all of them are legitimate. For more information, see View Available Wireless Stations on page 57. • Change the login password regularly. When you use the default login password, an intruder can more easily figure out how to log in to the management interface of the access point and change the settings. For more information, see Change the admin Password on page 49. Note: For additional wireless security, you can change the default network key regularly. But whenever you change the network key, you must reconnect all of the wireless devices. For more information, see Wireless Security Profiles on page 22. • Turn off the wireless radio. During the hours when your offices are closed, turn off the wireless radio. For more information, see Wireless On-Off Schedule on page 20. • Turn off the broadcast of the wireless network name (SSID). If you disable broadcast of the SSID, only devices that use the correct SSID can connect. This nullifies the wireless network discovery feature of some products such as Windows XP, but the data is still fully exposed to a determined snoop using specialized test equipment like wireless sniffers. For more information, see Wireless Security Profiles on page 22. • Restrict access based on MAC address. You can restrict access to only trusted computers so that unknown computers cannot connect wirelessly to the access point. MAC address filtering adds an obstacle against unwanted access to your network. For more information, see MAC Authentication on page 24. Wireless Security Profiles Details of each wireless network are contained in a security profile. You can edit up to eight security profiles for each SSID. Each security profile contains the following information: • Profile name. This is the unique profile name. This value can be up to 32 alphanumeric characters. • SSID. This is the current SSID associated with this profile. • Security. This is the current security standard, such as WPA-PSK, associated with the profile. Initial Setup 22