Netgear WAC730-Business User Manual - Page 37
WiFi Data Security Options, Con the WiFi Features and Security
View all Netgear WAC730-Business manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 37 highlights
Dual-Band Wireless AC Access Point WAC720 and WAC730 User Manual WiFi Data Security Options Indoors, computers can connect over 802.11ac WiFi networks at a maximum range of 300 feet. Typically, a access point inside a building works best with devices within a 100-foot radius. Such distances can allow for others outside your immediate area to access your network. Unlike wired network data, your WiFi data transmissions can extend beyond your walls and can be received by anyone with a compatible WiFi device. For this reason, use the security features of your WiFi equipment. The access point provides highly effective security features that are covered in detail in this chapter. Deploy the security features appropriate to your needs. Figure 6. WiFi data security examples You can enhance the security of your WiFi network in several ways: • Use multiple BSSIDs combined with VLANs.You can configure combinations of VLANS and BSSIDs (security profiles) with stronger or less restrictive access security according to your requirements. For example, visitors could be given WiFi Internet access but be excluded from any access to your internal network. For information about how to configure BSSIDs, see Configure and Enable WiFi Security Profiles on page 39. • Restrict access based on MAC address. You can allow only trusted devices to connect so that unknown devices cannot connect over the WiFi to the access point. Restricting access by MAC address adds an obstacle against unwanted access to your network, but the data broadcast over the WiFi link is fully exposed. For information about how to restrict access by MAC address, see Manage MAC Address Filter Profiles in the Local MAC Address Database on page 50. • Turn off the broadcast of the WiFi network name (SSID). If you disable broadcast of the SSID, only devices with the correct SSID can connect. This nullifies the WiFi network discovery feature of some products, such as Windows XP, but the data is still exposed. For information about how to turn off broadcast of the SSID, see Configure and Enable WiFi Security Profiles on page 39. • WPA2-PSK (AES). Wi-Fi Protected Access version 2 (WPA2) provides the most reliable security with Advanced Encryption Standard (AES) encryption. This very strong authentication along with dynamic per-frame rekeying of WPA2 makes it virtually impossible to compromise.You can also use a combination of Temporal Key Integrity Protocol (TKIP) and AES encryption. WPA2-PSK uses a pre-shared key (PSK) for authentication. For more information, see Configure and Enable WiFi Security Profiles on page 39 and About WPA2-PSK and WPA-PSK & WPA2-PSK on page 46. Configure the WiFi Features and Security 37