
About WPA

WPA (Wi-Fi Protected Access) is the newly defined Wi-Fi standard that was designed to address the shortcomings of WEP.

WPA includes two major improvements over WEP:

  • Temporal Key Integrity Protocol (TKIP). TKIP encrypts each data packet sent through the air with its own unique encryption key.
  • 802.1x user authentication. 802.1x user authentication is a protocol in which a user attempting to access the wireless network must prove that they are legitimately authorized to connect. “Authorized users” accessing the network usually have an account already set up by the network administrator and are provided with unique login information. This is more secure than WEP, which regulates access to a wireless network purely through a commonly shared password.

WPA is broken down into two levels:

  1. WPA-Personal. WPA-Personal is the most basic level of WPA and is better suited to home users who do not have the server-based equipment needed for the 802.1x user authentication process. The method of authentication is similar to WEP in that you define a “Pre-Shared Key”, or “password”, on the wireless router/AP. Once the pre-shared key is confirmed on both the client and the access point, access is granted. You will typically see WPA-Personal written as WPA-PSK.
  2. WPA-Enterprise. WPA-Enterprise is ideal for businesses that have an existing security infrastructure in place. That existing management and security implementation can now be centralized on a RADIUS (Remote Authentication Dial-in User Service) server located on the network. Using 802.1x with a RADIUS server, a network administrator can define a list of authorized users who can access the wireless LAN. When attempting to access a wireless LAN with WPA-Enterprise configured, a new client is challenged for a username and password. If the new client is authorized by the administrator, the client will have the correct login information and will receive access to the network. If an employee leaves the company, the network administrator can remove that employee from the authorized list and does not have to worry about the network being compromised by the former employee.
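
The following added example (not part of the original page) shows how the WPA-Personal “password” from item 1 becomes the actual 256-bit pre-shared key on both the client and the router/AP. It goes beyond what the page states: the derivation (PBKDF2-HMAC-SHA1, SSID as salt, 4096 iterations) and the 8 to 63 character limit come from IEEE 802.11i, and the function name `derive_psk` and the sample SSIDs are assumptions made for illustration.

```python
import hashlib
import string

# Passphrase characters allowed by IEEE 802.11i: printable ASCII 32..126.
_PRINTABLE = {chr(c) for c in range(32, 127)}


def derive_psk(passphrase: str, ssid: str) -> bytes:
    """Return the 256-bit WPA pre-shared key for a passphrase and SSID.

    Hypothetical helper written for this example; it mirrors what a client
    and an access point each compute locally from the configured password.
    """
    ssid_bytes = ssid.encode("utf-8")
    if not 1 <= len(ssid_bytes) <= 32:
        raise ValueError("SSID must be 1 to 32 bytes")
    # A 64-hex-digit value is treated as the raw key and used as-is.
    if len(passphrase) == 64 and all(c in string.hexdigits for c in passphrase):
        return bytes.fromhex(passphrase)
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("passphrase must be 8 to 63 characters")
    if not set(passphrase) <= _PRINTABLE:
        raise ValueError("passphrase must be printable ASCII")
    # The SSID is the salt, so the same password on another network
    # name produces an unrelated key.
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode("ascii"), ssid_bytes, 4096, 32
    )


if __name__ == "__main__":
    # Constructed sample values: "password"/"IEEE" is a published 802.11i
    # test vector; "HomeNet" is made up for the comparison.
    ap_key = derive_psk("password", "IEEE")
    client_key = derive_psk("password", "IEEE")
    other_net = derive_psk("password", "HomeNet")
    print("AP key     :", ap_key.hex())
    print("client key :", client_key.hex())
    print("same key on both sides:", ap_key == client_key)
    print("same password, other SSID differs:", ap_key != other_net)
```

Because every client derives the same key from the same shared password, removing one user's access under WPA-Personal means changing the password for everyone, which is the management problem WPA-Enterprise avoids.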
