Netgear WGE111 사용자 설명서
User Manual for the NETGEAR 54 Mbps Wireless PC Card WG511
C-10
Wireless Networking Basics
How Does WPA Compare to IEEE 802.11i?
WPA is a subset of the current 802.11i draft and uses certain pieces of the 802.11i draft that are
ready to bring to market today, such as 802.1x and TKIP. The main pieces of the 802.11i draft that
are not included in WPA are secure IBSS (Ad Hoc mode), secure fast handoff (for specialized
802.11 VoIP phones), as well as enhanced encryption protocols, such as AES-CCMP. These
features are either not yet ready for market or will require hardware upgrades to implement.
ready to bring to market today, such as 802.1x and TKIP. The main pieces of the 802.11i draft that
are not included in WPA are secure IBSS (Ad Hoc mode), secure fast handoff (for specialized
802.11 VoIP phones), as well as enhanced encryption protocols, such as AES-CCMP. These
features are either not yet ready for market or will require hardware upgrades to implement.
What are the Key Features of WPA Security?
The following security features are included in the WPA standard:
•
WPA Authentication
•
WPA Encryption Key Management
–
Temporal Key Integrity Protocol (TKIP)
–
Michael message integrity code (MIC)
–
AES Support (to be phased in)
•
Support for a Mixture of WPA and WEP Wireless Clients, but mixing WEP and WPA is
discouraged
discouraged
These features are discussed below.
WPA addresses most of the known WEP vulnerabilities and is primarily intended for wireless
infrastructure networks as found in the enterprise. This infrastructure includes stations, access
points, and authentication servers (typically RADIUS servers). The RADIUS server holds (or has
access to) user credentials (for example, user names and passwords) and authenticates wireless
users before they gain access to the network.
infrastructure networks as found in the enterprise. This infrastructure includes stations, access
points, and authentication servers (typically RADIUS servers). The RADIUS server holds (or has
access to) user credentials (for example, user names and passwords) and authenticates wireless
users before they gain access to the network.
The strength of WPA comes from an integrated sequence of operations that encompass 802.1X/
EAP authentication and sophisticated key management and encryption techniques. Its major
operations include:
EAP authentication and sophisticated key management and encryption techniques. Its major
operations include:
•
Network security capability determination. This occurs at the 802.11 level and is
communicated through WPA information elements in Beacon, Probe Response, and (Re)
Association Requests. Information in these elements includes the authentication method
(802.1X or Pre-shared key) and the preferred cipher suite (WEP, TKIP, or AES).
communicated through WPA information elements in Beacon, Probe Response, and (Re)
Association Requests. Information in these elements includes the authentication method
(802.1X or Pre-shared key) and the preferred cipher suite (WEP, TKIP, or AES).