IEEE 802.11 and IEEE 802.11i

Hi
I am trying to understand the security of wireless networks and I am reading a book about that subject. The book said that IEEE 802.11i is an amendment to the IEEE 802.11 standard and that the 802.11i is more robust wireless LAN security protocol. The only problem I see is that people is still using the old protocol because some of the services provided by the new (802.11i) are

--authentication server: The authentication follows the RADIUS standard

--user data server: use Kerberos (central control)

--Individual keys are given out at access point.

-- Once authenticated, the access point send a key to wireless station.

Although the 802.11i standard is not new (2004 I think) I have never seen a wireless router in the market that provides the above features. Users always share a single password and I do not know how authentication and data server are used here.

Is that protcol implemented and if yes where is it?

Please help
Thanks
Jean



jean11Asked:
Who is Participating?
 
kdearingConnect With a Mentor Commented:
Yes, most wireless routers support that feature, the just don't call it that.
When setting up a wireless router's security you usually have the following options:
- none
- WEP
- WPA-PSK
- WPA-Enterprise
- WPA2-PSK
- WPA2-Enterprise

Ths ones marked as 'Enterprise' are 802.11i for remote server authorization (typically radius)
0
 
Craig BeckCommented:
This explains it a little...

http://en.wikipedia.org/wiki/IEEE_802.11i-2004
0
 
jean11Author Commented:
Thanks for the reply.
I know that link but I want to make sure that what is in books are also implemented because I have never seen a wireless router that does the following features:

--authentication server: The authentication follows the RADIUS standard

--user data server: use Kerberos (central control)

--Individual keys are given out at access point.

So you mean if we have a Linksys router for example, we can set the protocol to

WPA-Enterprise and WPA2-Enterprise then we will able to use different passwords in an organization/house? because it is using remote server authorization? correct?

Thanks

0
Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

 
kdearingCommented:
Yes, that is correct.
One of the more common uses is to use a Windows Server domain controller as a radius server.
That way users can get on the wireless network using their domain credentials.
0
 
jean11Author Commented:
Thanks a lot.

But at home/coffe shops for example where is the authorization take place? at home people do not have  Windows Server domain controller.
So at home no use for this service? right?
or maybe the Internet Provider allow for this authorization service?

Please let me know.
Thanks
0
 
kdearingConnect With a Mentor Commented:
What you are referring to is a "capture portal"
In small hotspots, this is software integrated into the router
In larger environments like a hotel this is typically an IP3 Networks appliance or similar that can be integrated into their property management system

For home and SOHO, the vast majority just use PSK (pre-shared key)
0
 
jean11Author Commented:
What about Extensible Authentication Protocol (EAP) and TKIP (Temporal Key Integrity Protocol)?
Are they included in the  802.11i standard?
Thanks
0
 
kdearingConnect With a Mentor Commented:
This probably explains it better than I can:
http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access
0
 
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.