1 Radiant Systems Wireless Point-of

1 Radiant Systems Wireless Point-of
Abacus Business Solutions
15301 Roosevelt Blvd., Suite 303
Clearwater, FL 33760
P: (727) 524-0177
F: (727) 524-0188
www.abacuspos.com
Radiant Systems Wireless Point-of-Sale Security Requirements
This document presents Radiant's security requirements for wireless point-of-sale (POS) deployments by
Aloha dealers.
Upon receipt of Radiant wireless POS terminals and access points, Aloha dealers should follow the stepby-step instructions provided below to enable Wi-Fi Protected Access (WPA) security and change the
SSID, passphrase, and AP password on a per-client or per-site basis. While no security solution can ever
claim to be absolutely secure, the protection that WPA provides is significant. For detailed information on
industry standard WPA security (including a White Paper and Q&A), please visit the Wi-Fi Alliance web
site at www.wi-fi.org.
In the event that a wireless POS terminal or access point requires service, and Radiant's Advanced
Exchange Depot program is being used, please note that the replacement equipment will NOT be
configured with the client or site specific SSID, passphrase, and AP password assigned by the dealer
during the initial install. Aloha dealers are responsible for reconfiguring the security measures on the
replacement equipment so it will work at the site.
NOTE: Radiant ships all wireless POS terminals and access points to Aloha dealers configured with
dealer-specific SSIDs, passphrases, and AP passwords. This is done solely to minimize the possibility of
equipment being inadvertently installed at an end-user's site without any wireless security measures
enabled. This is strictly a precautionary step and is NOT intended to be the deployed wireless security
configuration at end users' sites. Again, upon receipt of wireless equipment from Radiant, dealers should
follow the instructions provided below to reconfigure the equipment with either client-specific or sitespecific SSIDs, passphrases, and AP passwords.
Choosing a Security Setup
1. Choose an SSID
The SSID is the Wireless Network’s name. All Wireless clients must know the SSID of an AP in
order to connect to the AP. Changing the SSID in an AP from the default SSID protects against
someone who knows the default SSID’s that AP manufacturers use. Selecting a unique SSID
makes it harder for an intruder to guess the SSID. Examples of Valid SSID’s:
“Radiant Systems”, “Kitchen AP 1”, “POS Stations” etc.
2. Choose a Passphrase
IMPORTANT: Radiant requires that any client device that supports credit card transactions
must use WPA security or better. All forms of WEP, the previous wireless security standard,
have known security flaws and are not suitable for sensitive data. The DLink 2100 Access Point
has the ability to use WPA-PSK which is a much more secure form of wireless encryption. Select
a Passphrase, which can be an alpha-numeric string, 8 to 63 characters long. This Passphrase
should be a strong password, i.e.:
a. not susceptible to a dictionary attack (don't use common words),
b. using both letters and numbers.
c. using both upper and lower case.
d. non-repeating characters.
e. the longer the better.
3. Select an AP Management Password
We recommend that you change the password from the DLink default (which is a blank
password). This will prevent someone who gains access to the network from being able to view
or change the AP settings. Select an Alpha-numeric password.
1
Radiant Systems Wireless Point-of-Sale Security Requirements
4. Additional Security Feature Notes
Disable SSID broadcast on the AP - Disabling SSID broadcast prevents the AP from announcing
what its SSID is, so that an intruder must get the SSID by some other means in order to get on
the wireless network. Note that this only removes the SSID from the Beacon that the AP sends
out periodically to announce its presence. The SSID is still broadcast in other wireless packets
that a knowledgeable intruder could use to view the AP’s SSID.
SSID :
WPA Passphrase :
AP Management Password :
Access Point Setup
Detailed instructions for setting up the Linksys WRT54G and Dlink DWL-2100 with the above security
settings are included below.
Linksys WRT54G AP Setup
AP Firmware Version: v3.03.6
The Linksys AP is shipped with Radiant security settings pre-loaded. These settings should be changed
on a per-site or per-client basis during the installation process. The AP and the client settings must
match for the devices to communicate with each other. The following steps take you through the AP
setup.
1. Reset the unit to Factory Defaults:
a. Plug in the unit, and let it completely boot up (approx 10 – 15 seconds).
b. Find the button on the back of the unit labeled Reset.
c. Hold the reset button down for 5 seconds, then release.
d. When the power LED stops blinking and becomes solid, all of the settings in the unit have
been reset to defaults.
2. Connect to the AP and open the configuration menus:
a. Connect your pc to the AP with a network cable going to one of the numbered ports.
b. Make sure you are in the correct IP address range to connect to it.
c. Open a Web browser and connect to 192.168.1.1
d. Username:<blank>, Password:admin
e. If you have any problems connections, refer to the Installation Guide included with the AP.
3. Change the SSID and Disable SSID Broadcast
a. Click the “Wireless” menu option at the top of the page, then the “Basic Wireless Settings”
sub-menu option.
b. Edit the “Wireless Network Name (SSID)” box, entering your SSID for the wireless network.
c. Change Wireless SSID Broadcast: to “Disable”
d. Click “Save Settings”.
2
Radiant Systems Wireless Point-of-Sale Security Requirements
4. Enable WPA Encryption and enter the Passphrase
a. Click the “Wireless” menu option at the top of the page, then the “Basic Wireless Settings”
sub-menu option.
b. Under “Security Mode”, select “WPA Pre-Shared Key”
c. Under “WPA Algorithms”, select “TKIP”
d. Enter your Passphrase, which can be an alpha-numeric string, 8 to 63 characters long.
e. Click “Save Settings”.
5. Change the AP Management Password
a. Click the “Administration” menu option at the top of the page, then the “Management” submenu option.
b. Fill in your AP Management password under “Router Password” and “Re-enter To Confirm”
c. Click “Save Settings”.
Dlink DWL-2100 AP Setup
The AP is shipped with Radiant security settings pre-loaded. These settings should be changed on a persite or per-client basis during the installation process. The AP and the client settings must match for the
devices to communicate with each other. The following steps take you through the AP setup.
1. Reset the unit to Factory Defaults:
e. Plug in the unit, and while the unit is on, insert a paper clip into the hole on the back of the
unit labeled Reset.
f. Use the paper clip to hold the reset button down for 5 seconds, then release.
g. When the power LED stops blinking and becomes solid, the unit has been reset.
2. Connect to the Dlink AP and open the configuration menus:
a. To access the configuration menus for the Dlink AP, refer to the Dlink Quick Installation
Guide included with the AP.
3. Change the SSID and Disable SSID Broadcast
e. Click the “Home” Tab, then the “Wireless” button on the side.
f. Edit the SSID box, entering your SSID for the wireless network.
g. Change SSID Broadcast to “Disable”
h. Click Apply. When the AP restarts, the SSID will be changed, and the AP will stop
broadcasting its SSID.
4. Enable WPA Encryption and enter the Passphrase
f. Click the “Advanced” Tab, then click the “Encryption” button on the side
g. Under Authentication, select “WPA”, then click "Apply", which will take you to the WPA
settings page.
h. Under WPA settings, select “PSK” for WPA Mode.
i. Enter a Passphrase, which can be an alpha-numeric string, 8 to 63 characters long.
j. Click “Apply Settings”. When the AP restarts, WPA will be enabled.
3
Radiant Systems Wireless Point-of-Sale Security Requirements
5. Change the AP Management Password
a. Click the “Tools” Tab, then click the Admin button on the side.
b. Enter the old password (default is no password), enter the new Password and confirm the
new Password.
c. Click Apply. When the AP restarts, you will need to enter the new password to configure the
AP.
d. You can now close the configuration window.
P1550 and P1510 Client Setup
Detailed instructions for setting up the Linksys WUSB54G and Intel 2200 BG Wireless Clients with the
above security settings are included below.
Linksys WUSB54G USB Client Adapter
We currently recommend that you use Windows Wireless Zero Config Service for managing your wireless
connection. This service supports WPA on XP and XPembedded, as long as you have at lease Service
Pack 2 installed. If SP2 is not installed, you will need to install the Linksys Wireless Utility in order to use
WPA security.
To install just the Linksys driver (for use with the Windows Wireless Zero Config Service):
a. Boot up you POS and plug your WUSB54G Adapter into an available USB port.
b. When Windows detects the adapter, the “Found New Hardware Wizard” will appear.
c. Select the second option - “Install from a list or specific location (Advanced)”, then Next.
d. Select “Don’t Search”, then Next
e. Select “Network Adapters”, then Next (this may take a few seconds)
f. Click “Have Disk”
g. Browse to the directory with your Linksys drivers (something like
Linksys\Drivers\WUSBGv4\rt2500usb.inf)
h. Click “Open”, Then “Ok”, Then “Next”
i. The driver should install, then Click “Finish”
Security Setup:
a. Go to Control Panel -> Network Connections
b. Right click the “Wireless Network Connection” and select “Properties”
c. Open the “Wireless Networks” tab
d. Make sure the “Use Windows to configure my wireless network settings” check box is
selected.
e. Click “Add”
f. Enter your SSID.
g. Under “Network Authentication” select WPA-PSK
h. Under “Data encryption” select TKIP
i. Enter your passphrase in “Network key” and “Confirm Network key”
j. Click “OK”
Intel PRO/Wireless 2200BG
The Intel PRO/Wireless 2200BG has currently been discontinued as an option on Radiant Terminals. If
you happen to have this card in an older setup, here are the instructions for setting up the security options
for it.
The Intel PRO/Wireless 2200BG adapter card is integrated at the factory. This mini-PCI card complies
with the IEEE 802.11b/g dual mode standard and utilizes the low-profile PCI slot on the terminal. When
4
Radiant Systems Wireless Point-of-Sale Security Requirements
used in conjunction with an 802.11g access point such as the DLink DWL-2100, the maximum
communication rate is 54 Mbps and will decrease as distance from the access point increases. If used
with an 802.11b access point, the maximum communication rate is 11 Mbps.
We recommend the use of the Intel ProSet™ Wireless Manager to configure the wireless settings.
Windows Zero Config, an alternative configuration method, does not support WPA security on some of
our released platforms (XP Embedded SP1 for example), whereas Intel ProSet™ Wireless Manager
should work on all platforms. Thus, the following instructions assume the use of the Intel ProSet™
Wireless Manager.
Once you have the AP set up per the above instructions, perform the following steps to enable a Radiant
P1550 or P1510 terminal configured with an Intel wireless card to connect to the wireless network:
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
Open “Intel® ProSet for Wireless” (either through the task bar icon, or through the Control Panel)
Select the “Intel® PRO/Wireless 2200BG Network Connection” in the left pane.
Click the “Networks” tab, then click “Add”
Type in a Profile Name (it can be the same as the SSID configured in the AP)
Type in the Network Name (SSID) to match exactly what is configured in the AP (it is case
sensitive).
Make sure the “Infrastructure” bullet is selected.
Click “Next”
Set the Network Authentication to “WPA_PSK”
Set the Data Encryption to “TKIP”
Under “WPA Pre-Shared Key Settings", select “Use Passphrase” and enter the passphrase to
match exactly the AP’s configuration (it is case sensitive).
Click Finish.
This will bring you back to the Network Tab in PROSet. The Profile you just entered should be
listed in the Profile list. Move the Profile you just entered to the top of the list of profiles by
selecting your profile in the list, and clicking the up arrow to the left of the list.
Click OK to close ProSet™
5
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertising