ZyXEL Access Point G1000 v2 91-005-124001B Manual Do Utilizador
Códigos do produto
91-005-124001B
ZyXEL G-1000 v2 User’s Guide
50
Chapter 4 Wireless LAN
Security stops unauthorized devices from using the wireless network. It can also protect
the information that is sent in the wireless network.
the information that is sent in the wireless network.
4.2 Wireless Security Overview
The following sections introduce different types of wireless security you can set up in the
wireless network.
wireless network.
4.2.1 SSID
Normally, the AP acts like a beacon and regularly broadcasts the SSID in the area. You can
hide the SSID instead, in which case the AP does not broadcast the SSID. In addition, you
should change the default SSID to something that is difficult to guess.
hide the SSID instead, in which case the AP does not broadcast the SSID. In addition, you
should change the default SSID to something that is difficult to guess.
This type of security is fairly weak, however, because there are ways for unauthorized devices
to get the SSID. In addition, unauthorized devices can still see the information that is sent in
the wireless network.
to get the SSID. In addition, unauthorized devices can still see the information that is sent in
the wireless network.
4.2.2 MAC Address Filter
Every wireless client has a unique identification number, called a MAC address.
1
A MAC
address is usually written using twelve hexadecimal characters
2
; for example, 00A0C5000002
or 00:A0:C5:00:00:02. To get the MAC address for each wireless client, see the appropriate
User’s Guide or other documentation.
User’s Guide or other documentation.
You can use the MAC address filter to tell the AP which wireless clients are allowed or not
allowed to use the wireless network. If a wireless client is allowed to use the wireless network,
it still has to have the correct settings (SSID, channel, and security). If a wireless client is not
allowed to use the wireless network, it does not matter if it has the correct settings.
allowed to use the wireless network. If a wireless client is allowed to use the wireless network,
it still has to have the correct settings (SSID, channel, and security). If a wireless client is not
allowed to use the wireless network, it does not matter if it has the correct settings.
This type of security does not protect the information that is sent in the wireless network.
Furthermore, there are ways for unauthorized devices to get the MAC address of an authorized
wireless client. Then, they can use that MAC address to use the wireless network.
Furthermore, there are ways for unauthorized devices to get the MAC address of an authorized
wireless client. Then, they can use that MAC address to use the wireless network.
4.2.3 User Authentication
You can make every user log in to the wireless network before they can use it. This is called
user authentication. However, every wireless client in the wireless network has to support
IEEE 802.1x to do this.
user authentication. However, every wireless client in the wireless network has to support
IEEE 802.1x to do this.
For wireless networks, there are two typical places to store the user names and passwords for
each user.
each user.
1.
Some wireless devices, such as scanners, can detect wireless networks but cannot use wireless
networks. These kinds of wireless devices might not have MAC addresses.
2.
Hexadecimal characters are 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E, and F.