ZyXEL WAP3205 v2 User Guide - Page 175
Encryption, Table 64
View all ZyXEL WAP3205 v2 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 175 highlights
Appendix D Wireless LANs If this feature is enabled, it is not necessary to configure a default encryption key in the Wireless screen. You may still configure and store keys here, but they will not be used while Dynamic WEP is enabled. Note: EAP-MD5 cannot be used with dynamic WEP key exchange For added security, certificate-based authentications (EAP-TLS, EAP-TTLS and PEAP) use dynamic keys for data encryption. They are often deployed in corporate environments, but for public deployment, a simple user name and password pair is more practical. The following table is a comparison of the features of authentication types. Table 64 Comparison of EAP Authentication Types EAP-MD5 EAP-TLS EAP-TTLS Mutual Authentication No Yes Yes Certificate - Client No Yes Optional Certificate - Server No Yes Yes Dynamic Key Exchange No Yes Yes Credential Integrity None Strong Strong Deployment Difficulty Easy Hard Moderate Client Identity Protection No No Yes PEAP Yes Optional Yes Yes Strong Moderate Yes LEAP Yes No No Yes Moderate Moderate No WPA(2) Wi-Fi Protected Access (WPA) is a subset of the IEEE 802.11i standard. WPA2 (IEEE 802.11i) is a wireless security standard that defines stronger encryption, authentication and key management than WPA. Key differences between WPA(2) and WEP are improved data encryption and user authentication. Encryption Both WPA and WPA2 improve data encryption by using Temporal Key Integrity Protocol (TKIP), Message Integrity Check (MIC) and IEEE 802.1x. In addition to TKIP, WPA2 also uses Advanced Encryption Standard (AES) in the Counter mode with Cipher block chaining Message authentication code Protocol (CCMP) to offer stronger encryption. Temporal Key Integrity Protocol (TKIP) uses 128-bit keys that are dynamically generated and distributed by the authentication server. It includes a per-packet key mixing function, a Message Integrity Check (MIC) named Michael, an extended initialization vector (IV) with sequencing rules, and a re-keying mechanism. WAP3205 User's Guide 175