Allied Telesis AT-TQ2403 Manual Do Utilizador
60
AT-TQ2403 - Management Software - User's Guide
Additionally, compatibility issues may be cumbersome because of the variety of authentication methods
supported and the lack of a standard implementation method.
supported and the lack of a standard implementation method.
Therefore, IEEE 802.1x mode is not as secure a solution as Wi-Fi Protected Access (WPA) or WPA2. If,
you cannot use WPA because some of your client stations do not have WPA, then a better solution than
using IEEE 802.1x mode is to use WPA Enterprise mode.
See Also
For information on how to configure IEEE 802.1x security mode, see “
” under “Configuring
Security Settings”.
When to Use WPA Personal
Wi-Fi Protected Access Personal Pre-Shared Key (PSK) is an implementation of the Wi-Fi Alliance IEEE
802.11i standard, which includes Advanced Encryption Algorithm (AES), Counter mode/CBC-MAC
802.11i standard, which includes Advanced Encryption Algorithm (AES), Counter mode/CBC-MAC
Protocol (CCMP), and Temporal Key Integrity Protocol (TKIP) mechanisms. This mode offers the same
encryption algorithms as WPA2 with RADIUS but without the ability to integrate a RADIUS server for
user authentication.
This security mode is backwards-compatible for wireless clients that support only the original WPA.
Key Management
Encryption Algorithm
User Authentication
WPA Personal provides
dynamically- generated keys that
are periodically refreshed.
There are different Unicast keys
for each station.
for each station.
Temporal Key Integrity
Protocol (TKIP)
Counter mode / CBC-MAC
Protocol (CCMP) Advanced
Encryption Standard (AES)
The use of a Pre-Shared (PSK)
key provides user authentication
similar to that of shared keys in
WEP.
Recommendations
WPA Personal is not recommended for use with the AT-TQ2403 Management Software when WPA
Enterprise is an option.
We recommend that you use WPA Enterprise mode instead, unless you have interoperability issues that
prevent you from using this mode.
prevent you from using this mode.
For example, some devices on your network may not support WPA or WPA2 with EAP talking to a
RADIUS server. Embedded printer servers or other small client devices with very limited space for
implementation may not support RADIUS. For such cases, we recommend that you use WPA Personal.
See Also
For information on how to configure this security mode, see “
Security Settings”.
When to Use WPA Enterprise
Wi-Fi Protected Access Enterprise with Remote Authentication Dial-In User Service (RADIUS) is an
implementation of the Wi-Fi Alliance IEEE 802.11i standard, which includes Advanced Encryption
Standard (AES), Counter mode/CBC-MAC Protocol (CCMP), and Temporal Key Integrity Protocol
(TKIP) mechanisms. This mode requires the use of a RADIUS server to authenticate users. WPA
Enterprise provides the best security available for wireless networks.