ZyXEL Communications Corporation NWA1121NI 用户手册
Chapter 1 Introducing the NWA1121-NI
NWA1121-NI User’s Guide
16
1.4 Configuring Your NWA1121-NI’s Security Features
Your NWA1121-NI comes with a variety of security features. This section summarizes these
features and provides links to sections in the User’s Guide to configure security settings on your
NWA1121-NI. Follow the suggestions below to improve security on your NWA1121-NI and network.
features and provides links to sections in the User’s Guide to configure security settings on your
NWA1121-NI. Follow the suggestions below to improve security on your NWA1121-NI and network.
1.4.1 Control Access to Your Device
Ensure only people with permission can access your NWA1121-NI.
• Control physical access by locating devices in secure areas, such as locked rooms. Most
NWA1121-NIs have a reset button. If an unauthorized person has access to the reset button,
they can then reset the device’s password to its default password, log in and reconfigure its
settings.
they can then reset the device’s password to its default password, log in and reconfigure its
settings.
• Change any default passwords on the NWA1121-NI, such as the password used for accessing the
NWA1121-NI’s web configurator (if it has a web configurator). Use a password with a
combination of letters and numbers and change your password regularly. Write down the
password and put it in a safe place.
combination of letters and numbers and change your password regularly. Write down the
password and put it in a safe place.
•
Avoid setting a long timeout period before the NWA1121-NI’s web configurator automatically
times out. A short timeout reduces the risk of unauthorized person accessing the web
configurator while it is left idle.
times out. A short timeout reduces the risk of unauthorized person accessing the web
configurator while it is left idle.
for instructions on changing your password
and setting the
timeout period
.
• Configure remote management to control who can manage your NWA1121-NI. See
for more information. If you enable remote management, ensure you have enabled
remote management only on the IP addresses, services or interfaces you intended and that other
remote management settings are disabled.
remote management settings are disabled.
1.4.2 Wireless Security
Wireless devices are especially vulnerable to attack.
If your NWA1121-NI has a wireless function,
take the following measures to improve wireless security.
• Enable wireless security on your NWA1121-NI. Choose the most secure encryption method that
all devices on your network support. See
encryption. If you have a RADIUS server, enable IEEE 802.1x or WPA(2) user identification on
your network so users must log in. This method is more common in business environments.
your network so users must log in. This method is more common in business environments.
• Hide your wireless network name (SSID). The SSID can be regularly broadcast and unauthorized
users may use this information to access your network. See
for directions
on using the web configurator to hide the SSID.
• Enable the MAC filter to allow only trusted users to access your wireless network or deny
unwanted users access based on their MAC address. See
for directions on
configuring the MAC filter.
1.5 Good Habits for Managing the NWA1121-NI
Do the following things regularly to make the NWA1121-NI more secure and to manage it more
effectively.
effectively.