Avery 9493 User Manual
B a s i c S e c u r i t y C o n f i g u r a t i o n s
There are two main decisions to be made when choosing wireless security: encryption method
and authentication protocol. The encryption method determines the algorithm used to encrypt
the message. The authentication type specifies how users are identified and verified on a
network. Is the device seeking connection what (and who) it claims to be?
Select an Encryption Method from the following table:
and authentication protocol. The encryption method determines the algorithm used to encrypt
the message. The authentication type specifies how users are identified and verified on a
network. Is the device seeking connection what (and who) it claims to be?
Select an Encryption Method from the following table:
Encryption Method
Type Algorithm
Size
(bits)
Description
WEP RC4
64/128 This is the 64 or 128 bit WEP Key that must match other nodes’
encryption keys in order to communicate. The user can only
define 10 hex characters (40 bits) for 64 bit WEP or 26
characters (104 bits) for 128 bit WEP.
define 10 hex characters (40 bits) for 64 bit WEP or 26
characters (104 bits) for 128 bit WEP.
WPA
RC4
64/128
Improves on WEP by using TKIP* (Temporal Key Integrity
Protocol), which dynamically changes the encryption key and
MIC (Message Integrity Code), which replaces CRC.
Protocol), which dynamically changes the encryption key and
MIC (Message Integrity Code), which replaces CRC.
WPA2 AES
128
Improves on WPA by replacing RC4 with AES (Advanced
Encryption Standard) for encryption. The user can only define
26 characters (104 bits) for 128 bit
WPA2.
Encryption Standard) for encryption. The user can only define
26 characters (104 bits) for 128 bit
WPA2.
* Dynamic WEP cannot be selected directly, so select 128 for the encryption mode and select an
authentication mode from one of the following: LEAP, PEAP, EAP-FAST, TLS, or TTLS.
Authentication Protocol
Type
RADIUS Server
Protocol
User ID &
Password
Certificate
Private Key Info File
LEAP
No
N/A
PEAP*
N/A
TLS Required*
TTLS
Optional*
N/A
Enterprise
EAP-FAST
PAP or
MSCHAPv2
MSCHAPv2
Required
PAC* N/A
Personal PSK
N/A
*PEAP
This is only for server-side certificates.
*Optional
Leaving the Certificate Root Key and the Certificate CN (common) names blank, no
validation of the host certificate is performed. The values are set to “null” and all host
certificates are accepted.
validation of the host certificate is performed. The values are set to “null” and all host
certificates are accepted.
*Required The Print Server comes with a default Private Key Information File. You can
either download that file from the print server and add it to the TLS
authentication server, or overwrite a new one on the print server.
authentication server, or overwrite a new one on the print server.
*PAC
EAP-FAST does not use certificates to authenticate, but a PAC (Protected
Access Credential), which is managed dynamically by the server. The PAC is
distributed one at a time to the client manually or automatically.
EAP-FAST has an optional feature called "auto-provisioning", which allows a
client to receive the original PAC file wirelessly from the authentication server.
However, this method is less secure and is not supported by Monarch
Access Credential), which is managed dynamically by the server. The PAC is
distributed one at a time to the client manually or automatically.
EAP-FAST has an optional feature called "auto-provisioning", which allows a
client to receive the original PAC file wirelessly from the authentication server.
However, this method is less secure and is not supported by Monarch
portable
printers.
4-16 System Administrator’s Guide