Local-Area Networks and LAN Switching - CCIE Routing and Switching Exam Certification Guide

Information Technology Reference

In-Depth Information

WLAN Security

WLANs without any encryption present a security risk because the SSIDs can be snooped by

using publicly available software. The IEEE 802.11 standard specifies the use of the Wired

Equivalency Privacy (WEP) for encryption. WLANs use two types of WEP keys: 64-bit and

128-bit. Although WEP provides additional security, it has some weaknesses that provide

security risks. By gathering (snooping) traffic, hackers can obtain the WEP keys by using

freeware software.

Some APs can implement MAC address and protocol filtering to enhance security or limit the

protocols over the WLAN. Again, MAC address filtering can be hacked.

To enhance security, WLANs can be implemented with Virtual Private Network (VPN)

software or use the IEEE 802.1x port-based access control protocol. IEEE 802.1x is covered in

the LAN security section in this chapter.

Cisco also provides dynamic per-user, per-session WEP keys to provide additional security over

statically configured WEP keys, which are not unique per user. For centralized user-based

authentication, Cisco developed the Cisco Extensible Authentication Protocol (LEAP), which

uses mutual authentication between the client and the network server and uses IEEE 802.1x for

802.11 authentication messaging. LEAP uses a RADIUS server to manage user information.

New and Future WLAN Standards

The IEEE 802.11a standard provides an increase of throughput from 802.11b with speeds up to

54 Mbps. IEEE 802.11a uses the 5 GHz bands of the UNII frequencies. For this reason, it is not

backward-compatible with 802.11b WLANs.

IEEE 802.11g is an emerging standard that provides faster WLAN speeds in the ISM 2.4 GHz

band. IEEE 802.11g is backward-compatible with 802.11b WLANs.

IEEE 802.11d provides specifications for WLANs in markets not served by the current 802.11,

802.11b, and 802.11a standards.

IEEE 802.11i provides enhancements to the security and authentication protocols for WLANS.

The emerging IEEE 802.15 standard provides specifications for Wireless Personal Area

Networks (WPANs). The emerging IEEE 802.16 standard provides specifications for fixed

Broadband Wireless Access.

Transparent Bridging (TB)

This section covers bridging between Ethernet networks, STP, CRB, and IRB.

Search WWH ::

Custom Search

Home