Cisco Cisco Aironet 350 Access Points
2
Introduction
OL-2385-01
Introduction
Introduction
Cisco Aironet access points are wireless LAN transceivers that can act as the center point of a standalone
wireless network or as the connection point between wireless and wired networks. Cisco Aironet bridges
are wireless LAN transceivers that connect two or more remote networks into a single LAN. The 350
series bridge can also be used as a rugged access point, providing network access to wireless client
devices.
wireless network or as the connection point between wireless and wired networks. Cisco Aironet bridges
are wireless LAN transceivers that connect two or more remote networks into a single LAN. The 350
series bridge can also be used as a rugged access point, providing network access to wireless client
devices.
The access point and bridge use a browser-based management system. The system settings are on web
pages in the system firmware. You use your internet browser to view and adjust the system settings.
pages in the system firmware. You use your internet browser to view and adjust the system settings.
Access point and bridge firmware version 11.10T1 fixes defects CSCdw63011, CSCdw63031, and
CSCdw63032.
CSCdw63032.
New Features
This section describes new features introduced in firmware version 11.10T. These features are also
included in firmware version 11.10T1.
included in firmware version 11.10T1.
Prevent Attacks on WEP with Enhanced Security
Three new security features prevent sophisticated attacks on your wireless network’s WEP keys:
•
Message Integrity Check (MIC)—MIC prevents attacks on encrypted packets called bit-flip attacks.
During a bit-flip attack, an intruder intercepts an encrypted message, alters it slightly, and
retransmits it, and the receiver accepts the retransmitted message as legitimate. The MIC,
implemented on both the access point or bridge and all associated client devices, adds a few bytes
to each packet to make the packets tamper-proof. Click this link for instructions on enabling MIC:
During a bit-flip attack, an intruder intercepts an encrypted message, alters it slightly, and
retransmits it, and the receiver accepts the retransmitted message as legitimate. The MIC,
implemented on both the access point or bridge and all associated client devices, adds a few bytes
to each packet to make the packets tamper-proof. Click this link for instructions on enabling MIC:
•
Temporal Key Integrity Protocol (TKIP)—Also known as WEP key hashing, this feature defends
against an attack on WEP in which the intruder uses the initialization vector (IV) in encrypted
packets to calculate the WEP key. WEP key hashing removes the predictability that an intruder relies
on to determine the WEP key by exploiting IVs. Click this link for instructions on enabling key
hashing:
against an attack on WEP in which the intruder uses the initialization vector (IV) in encrypted
packets to calculate the WEP key. WEP key hashing removes the predictability that an intruder relies
on to determine the WEP key by exploiting IVs. Click this link for instructions on enabling key
hashing:
•
Broadcast key rotation—EAP authentication provides dynamic unicast WEP keys for client devices
but uses static broadcast, or multicast, keys. When you enable broadcast WEP key rotation, the
access point or bridge provides a dynamic broadcast WEP key and changes it at the interval you
select. Click this link for instructions on enabling broadcast key rotation:
but uses static broadcast, or multicast, keys. When you enable broadcast WEP key rotation, the
access point or bridge provides a dynamic broadcast WEP key and changes it at the interval you
select. Click this link for instructions on enabling broadcast key rotation:
Note
To use these security features, you must upgrade client devices associated to the access point or
bridge to these software versions: Aironet Client Utility version 5.0x, PC card driver version 8.0x for
Microsoft Windows , and radio firmware version 4.25.23 or later.
bridge to these software versions: Aironet Client Utility version 5.0x, PC card driver version 8.0x for
Microsoft Windows , and radio firmware version 4.25.23 or later.