Keyguard
Keyguard (a form of WEP) could be all a small
business needs for the simple encryption of wireless data.
Keyguard
is a proprietary encryption method and an enhancement to WEP encryption, and was
developed before the finalization of WPA-TKIP. The Keyguard encryption
implementation is based on the IEEE Wi-Fi standard, 802.11i.
To configure Keyguard encryption on a WLAN:
-
Select to display available WLANs.
-
Click Add to create an additional
WLAN, or select an existing WLAN and click Edit to modify its security
properties.
-
Select Security.
-
Select the Keyguard check box from
within the Select
Encryption field.
The screen populates with the
parameters required to define a keyguard configuration for the new or existing
WLAN.
-
Configure the following keyguard settings:
Generate Keys |
Specify a 4- to
32-character pass key and click Generate. TThe pass key can be any
alphanumeric string. The access point, other proprietary
routers, and WiNG clients use the algorithm to convert
an ASCII string to the same hexadecimal number. Clients
without these WiNG adapters need to use keys manually
configured as hexadecimal numbers.
|
Keys 1-4 |
Use the Key #1-4
fields to specify key numbers. For keyguard (104-bit key),
the keys are 26 hexadecimal characters in length. Select one
of these keys for default activation by clicking its radio
button. Selecting Show
displays a key in exposed plain text. |
Restore Default WEP Keys |
Select this button to restore the
keyguard algorithm to its default settings. This might be
necessary, for example, if the latest defined algorithm has
been compromised and no longer provides its former measure
of data security. |
Default WEP keyguard keys are as follows:
- Key 1 101112131415161718191A1B1C
- Key 2 202122232425262728292A2B2C
- Key 3 303132333435363738393A3B3C
- Key 4 404142434445464748494A4B4C
-
Select OK when completed to update
the WLAN's keyguard encryption configuration.
Select Reset to revert to the last saved configuration.
Before defining a keyguard configuration on a
WLAN, refer to the following deployment guidelines to ensure the configuration is
optimally effective:
- WiNG proprietary authentication techniques
can also be enabled on WLANs supporting other WiNG proprietary techniques, such
as keyguard.
- A WLAN using keyguard to support legacy devices should
largely limit its use of keyguard to those legacy devices only.
- If WEP support is needed for WLAN legacy
device support, 802.1X EAP authentication should be also configured in order for
the WLAN to provide authentication and dynamic key derivation and rotation.