Cisco Cisco Aironet 1200 Access Point 브로셔
© 2005 Cisco Systems, Inc. All rights reserved.
Important notices, privacy statements, and trademarks of Cisco Systems, Inc. can be found on cisco.com.
Page 3 of 15
Figure 1. Multiple plenum-ratable Cisco Aironet autonomous or lightweight access points can be placed throughout a building or
campus to maintain fully secure, uninterrupted access to all network resources. Cisco Aironet access points provide users
equipped with Cisco Aironet, Cisco Compatible or Wi-Fi Certified WLAN client adapters with the ability to move freely about
covered areas of the campus.
equipped with Cisco Aironet, Cisco Compatible or Wi-Fi Certified WLAN client adapters with the ability to move freely about
covered areas of the campus.
Open Access
All Wi-Fi Certified wireless LAN products, such as Cisco Aironet Series products, are shipped in “open-access” mode, with their security features
turned off. While open access or no security may be appropriate and acceptable for public hot spots such as coffee shops, college campuses, airports,
or other public locations, it is not an option for an enterprise organization. Security needs to be enabled on wireless devices during their installation
in enterprise environments. As mentioned previously, some companies are not turning on their WLAN security features. These companies are
exposing their networks to serious risk.
Basic Security: SSIDs, WEP, and MAC Address Authentication
Basic security includes the use of Service Set Identifiers (SSIDs), open or shared-key authentication, static WEP keys, and optional Media Access
Control (MAC) authentication. This combination offers a rudimentary level of access control and privacy, but each element can be compromised.
“SSID” is a common network name for the devices in a WLAN subsystem; it serves to logically segment that subsystem. An SSID prevents access
by any client device that does not have the SSID. By default, however, an access point broadcasts its SSID in its beacon. Even if broadcasting of the
SSID is turned off, an intruder or hacker can detect the SSID through what is known as “sniffing”—or undetected monitoring of the network.
The 802.11 standard, a group of specifications for WLANs created by the IEEE, supports two means of client authentication: open and shared-key
authentication. Open authentication involves little more than supplying the correct SSID. With shared-key authentication, the access point sends the
client device a challenge-text packet that the client must then encrypt with the correct WEP key and return to the access point. Without the correct
key, authentication will fail and the client will not be allowed to associate with the access point. Shared-key authentication is not considered secure,
because an intruder who detects both the clear-text challenge and the same challenge encrypted with a WEP key can decipher the WEP key.