Psion Teklogix 9160 G2 Manuale Utente
Psion Teklogix 9160 G2 Wireless Gateway User Manual
97
Chapter 10: Configuring Security
Comparison Of Security Modes For Key Management, Authentication And Encryption Algorithms
should be used whenever possible. All WPA modes allow you to use these encryp-
tion schemes, so WPA security modes are recommended above the others when
using WPA is an option. Additionally, this mode incorporates a RADIUS server for
user authentication which gives it an edge over WPA Personal mode.
tion schemes, so WPA security modes are recommended above the others when
using WPA is an option. Additionally, this mode incorporates a RADIUS server for
user authentication which gives it an edge over WPA Personal mode.
Use the following guidelines for choosing options within the WPA Enterprise mode
security mode:
security mode:
1.
The best security you can have to date on a wireless network is WPA
Enterprise mode using CCMP (AES) encryption algorithm. AES is a
symmetric 128-bit block data encryption technique that works on mul-
tiple layers of the network. It is the most effective encryption system
currently available for wireless networks. If all clients or other APs on
the network are WPA/CCMP compatible, use this encryption algo-
rithm. (If all clients are WPA2 compatible, choose to support only
WPA2 clients.)
Enterprise mode using CCMP (AES) encryption algorithm. AES is a
symmetric 128-bit block data encryption technique that works on mul-
tiple layers of the network. It is the most effective encryption system
currently available for wireless networks. If all clients or other APs on
the network are WPA/CCMP compatible, use this encryption algo-
rithm. (If all clients are WPA2 compatible, choose to support only
WPA2 clients.)
2.
The second best choice is WPA Enterprise with the encryption algo-
rithm set to both TKIP and CCMP. This lets WPA client stations
without CCMP associate, uses TKIP for encrypting Multicast and
Broadcast frames, and allows clients to select whether to use CCMP or
TKIP for Unicast (AP-to-single-station) frames. This WPA configura-
tion allows more interoperability, at the expense of some security.
Client stations that support CCMP can use it for their Unicast frames.
If you encounter AP-to-station interoperability problems with the
“Both” encryption algorithm setting, then you will need to select TKIP
instead. (See next option.)
rithm set to both TKIP and CCMP. This lets WPA client stations
without CCMP associate, uses TKIP for encrypting Multicast and
Broadcast frames, and allows clients to select whether to use CCMP or
TKIP for Unicast (AP-to-single-station) frames. This WPA configura-
tion allows more interoperability, at the expense of some security.
Client stations that support CCMP can use it for their Unicast frames.
If you encounter AP-to-station interoperability problems with the
“Both” encryption algorithm setting, then you will need to select TKIP
instead. (See next option.)
3.
The third best choice is WPA Enterprise with the encryption algorithm
set to TKIP. Some clients have interoperability issues with CCMP and
TKIP enabled at same time. If you encounter this problem, then choose
TKIP as the encryption algorithm. This is the standard WPA mode, and
most interoperable mode with client Wireless software security fea-
tures. TKIP is the only encryption algorithm that is being tested in Wi-
Fi WPA certification.
set to TKIP. Some clients have interoperability issues with CCMP and
TKIP enabled at same time. If you encounter this problem, then choose
TKIP as the encryption algorithm. This is the standard WPA mode, and
most interoperable mode with client Wireless software security fea-
tures. TKIP is the only encryption algorithm that is being tested in Wi-
Fi WPA certification.
See Also
For information on how to configure this security mode, see “WPA Enterprise” on
page 112.
page 112.