[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 511
  • Last Modified:

IEEE 802.11 and IEEE 802.11i

Hi
I am trying to understand the security of wireless networks and I am reading a book about that subject. The book said that IEEE 802.11i is an amendment to the IEEE 802.11 standard and that the 802.11i is more robust wireless LAN security protocol. The only problem I see is that people is still using the old protocol because some of the services provided by the new (802.11i) are

--authentication server: The authentication follows the RADIUS standard

--user data server: use Kerberos (central control)

--Individual keys are given out at access point.

-- Once authenticated, the access point send a key to wireless station.

Although the 802.11i standard is not new (2004 I think) I have never seen a wireless router in the market that provides the above features. Users always share a single password and I do not know how authentication and data server are used here.

Is that protcol implemented and if yes where is it?

Please help
Thanks
Jean



0
jean11
Asked:
jean11
3 Solutions
 
kdearingCommented:
Yes, most wireless routers support that feature, the just don't call it that.
When setting up a wireless router's security you usually have the following options:
- none
- WEP
- WPA-PSK
- WPA-Enterprise
- WPA2-PSK
- WPA2-Enterprise

Ths ones marked as 'Enterprise' are 802.11i for remote server authorization (typically radius)
0
 
Craig BeckCommented:
This explains it a little...

http://en.wikipedia.org/wiki/IEEE_802.11i-2004
0
 
jean11Author Commented:
Thanks for the reply.
I know that link but I want to make sure that what is in books are also implemented because I have never seen a wireless router that does the following features:

--authentication server: The authentication follows the RADIUS standard

--user data server: use Kerberos (central control)

--Individual keys are given out at access point.

So you mean if we have a Linksys router for example, we can set the protocol to

WPA-Enterprise and WPA2-Enterprise then we will able to use different passwords in an organization/house? because it is using remote server authorization? correct?

Thanks

0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
kdearingCommented:
Yes, that is correct.
One of the more common uses is to use a Windows Server domain controller as a radius server.
That way users can get on the wireless network using their domain credentials.
0
 
jean11Author Commented:
Thanks a lot.

But at home/coffe shops for example where is the authorization take place? at home people do not have  Windows Server domain controller.
So at home no use for this service? right?
or maybe the Internet Provider allow for this authorization service?

Please let me know.
Thanks
0
 
kdearingCommented:
What you are referring to is a "capture portal"
In small hotspots, this is software integrated into the router
In larger environments like a hotel this is typically an IP3 Networks appliance or similar that can be integrated into their property management system

For home and SOHO, the vast majority just use PSK (pre-shared key)
0
 
jean11Author Commented:
What about Extensible Authentication Protocol (EAP) and TKIP (Temporal Key Integrity Protocol)?
Are they included in the  802.11i standard?
Thanks
0
 
kdearingCommented:
This probably explains it better than I can:
http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access
0
 
QlemoC++ DeveloperCommented:
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now