Cisco Cisco Aironet 350 Wireless LAN Client Adapter
4
Release Notes for Cisco Aironet Mini PCI Client Adapter Firmware, Version 5.00.01
OL-2099-02
New Features
Step 10
Find the location of the new firmware in the Open Window’s Look in box. The default location is
InstallPath\Firmware, where InstallPath is the directory that ACU was installed in.
InstallPath\Firmware, where InstallPath is the directory that ACU was installed in.
Step 11
Click the firmware image file (*.img) so that it appears in the File name box at the bottom of the Open
window.
window.
Step 12
Click the Open button. A progress bar displays while the selected image is loaded into the mini PCI card’s
Flash memory.
Flash memory.
Step 13
Click OK when the “Firmware Upgrade Complete!” message appears. The OK button cannot be selected
until the process is complete or an error occurs.
until the process is complete or an error occurs.
New Features
This section describes new features for mini PCI card firmware release 5.00.01.
Support for Enhanced Security
Mini PCI card firmware release 5.00.01 supports two new security features designed to prevent
sophisticated attacks on your wireless network’s Wired Equivalent Privacy (WEP) keys. These features
do not need to be enabled on the client adapter; they are supported automatically in the firmware version
listed above. However, they must be enabled on the access point. Access point firmware version 11.10T
or greater is required to enable these security features. Refer to the Cisco Aironet Access Point Software
Configuration Guide for instructions on enabling these security features on the access point.
sophisticated attacks on your wireless network’s Wired Equivalent Privacy (WEP) keys. These features
do not need to be enabled on the client adapter; they are supported automatically in the firmware version
listed above. However, they must be enabled on the access point. Access point firmware version 11.10T
or greater is required to enable these security features. Refer to the Cisco Aironet Access Point Software
Configuration Guide for instructions on enabling these security features on the access point.
•
Temporal Key Integrity Protocol (TKIP) – This feature, also referred to as WEP key hashing,
defends against an attack on WEP in which the intruder uses an unencrypted segment, called the
initialization vector (IV), in encrypted packets to calculate the WEP key. TKIP removes the
predictability that an intruder relies on to determine the WEP key by exploiting IVs. TKIP protects
both unicast and broadcast WEP keys.
defends against an attack on WEP in which the intruder uses an unencrypted segment, called the
initialization vector (IV), in encrypted packets to calculate the WEP key. TKIP removes the
predictability that an intruder relies on to determine the WEP key by exploiting IVs. TKIP protects
both unicast and broadcast WEP keys.
Note
If you enable TKIP on the access point, your client adapter’s firmware must support
TKIP; otherwise, the client cannot associate.
TKIP; otherwise, the client cannot associate.
Note
When you enable TKIP, you do not need to enable broadcast key rotation. TKIP prevents
intruders from calculating the static broadcast key, so you do not need to rotate the
broadcast key.
intruders from calculating the static broadcast key, so you do not need to rotate the
broadcast key.
•
Broadcast key rotation – EAP authentication provides dynamic unicast WEP keys for client devices
but uses static broadcast, or multicast, keys. When you enable broadcast WEP key rotation, the
access point provides a dynamic broadcast WEP key and changes it at the interval you select.
but uses static broadcast, or multicast, keys. When you enable broadcast WEP key rotation, the
access point provides a dynamic broadcast WEP key and changes it at the interval you select.
Note
When you enable broadcast key rotation on the access point, only wireless client devices
using LEAP or EAP-TLS authentication can associate to the access point. Client devices
using static WEP (with open, shared key, or EAP-MD5 authentication) cannot associate.
using LEAP or EAP-TLS authentication can associate to the access point. Client devices
using static WEP (with open, shared key, or EAP-MD5 authentication) cannot associate.