Wireless Security - Implementing Network Encryption

Implementing Network Encryption

In order to implement 802.11i, one must first make sure both that the router/access point(s), as well as all client devices are indeed equipped to support the network encryption. If this is done, a server such as RADIUS, ADS, NDS, or LDAP needs to be integrated. This server can be a computer on the local network, an access point / router with integrated authentication server, or a remote server. AP's/routers with integrated authentication servers are often very expensive and specifically an option for commercial usage like hot spots. Hosted 802.1X servers via the Internet require a monthly fee; running a private server is free yet has the disadvantage that one must set it up and that the server needs to be on continuously

To set up a server, server and client software must be installed. Server software required is a enterprise authentication server such as RADIUS, ADS, NDS, or LDAP. The required software can be picked from various suppliers as Microsoft, Cisco, Funk Software, Meetinghouse Data, and from some open-source projects. Software includes:

• Cisco Secure Access Control Software
• Microsoft Internet Authentication Service
• Meetinghouse Data EAGIS
• Funk Software Steel Belted RADIUS (Odyssey)
• freeRADIUS (open-source)
• SkyFriendz (free cloud solution based on freeRADIUS)

Client software comes built-in with Windows XP and may be integrated into other OS's using any of following software:

• Intel PROSet/Wireless Software
• Cisco ACU-client
• Odyssey client
• AEGIS-client
• Xsupplicant (open1X)-project