Securing clients and APs

Client security is important, because simply securing the access point does not protect a wireless network. After the weaknesses of the access points are protected, attacking clients becomes the easiest way to gain access to the network. Proper security for clients should be specified in the wireless security policy. This includes security measures such as virus scanning, personal firewalls, and keeping the client programs and operating systems up-to-date.

Additional security for wireless clients may be desirable. For example, WEP should be enabled when possible. As discussed earlier, static WEP has weaknesses. Additional security features, like temporal key integrity program (TKIP), Per-packet keying, and Message Integrity Check (MIC) need to be enabled for additional security. This will be covered in the enterprise encryption section.

Figures and show the Aironet Client Utility (ACU) screen for configuring WEP keys. In addition to the clients, APs and bridges must be secured using WEP .

No matter which type of authentication is used, the WEP keys entered on the client and the access point must match. The keys themselves must match, and the order of the keys must match. For example, a 40-bit key entered as Key 1 on the client must match the 40-bit key entered as Key 1 on the access point.

Lab Activity

Lab Exercise: Configure WEP on AP and Client

In this lab, students will demonstrate an understanding of the role of a WEP key in network security. Additionally, students will learn how to enable WEP on an access point and how to enable WEP on the wireless PC client.

Lab Activity

Lab Exercise: Configure an AP as a Repeater Using WEP

In this lab, students will learn to extend the coverage of a basic service set topology by implementing an AP as a repeater using WEP.

Resources

Verify the Firmware and Driver Versions