Wireless Security. Microsoft MN700 - Wireless 802.11g Base Station Router, MN-700

The following sections describe the base station security features and how to customize them.

Be aware that changing security settings might affect whether the computers on your network are able to connect to the base station and the Internet. You should not change the default security settings unless you are absolutely clear about your objective in doing so.

Wireless Security

Wireless security helps to protect your network from unauthorized access. Because wireless networks use radio signals, it is possible for wireless network devices outside your immediate area to pick up the signals broadcast by your base station and either connect to your network and access your network resources or capture data as it is being transmitted wirelessly. The Microsoft Broadband Networking Wireless Base Station uses Wired Equivalent

Privacy (WEP) and Wi-Fi Protected Access (WPA) to help prevent unauthorized users from joining your network or accessing data that is being transmitted wirelessly.

Both WEP and WPA use data encryption to help protect your network data. When data is encrypted, it is rendered unreadable by a network key before being transmitted between wireless nodes. The data is readable only by computers that have the key to decrypt the data. This prevents eavesdroppers from capturing your network data as it is being transmitted.

In addition, WEP and WPA enforce one type of authentication for devices on your network. Before a device can join your network, it must provide the WEP network key or WPA passphrase you establish. This prevents unauthorized users from using your Internet connection or accessing shared network resources.

You can establish the wireless security settings for your base station from the Wireless Security page of the Base

Station Management Tool, shown in the following illustration. The following sections describe WEP and WPA in more detail.

Note You cannot enable both WEP and WPA on your network. You must select either WEP or WPA. If you want to enable WPA, make sure that all the computers on your network meet the system requirements necessary to use WPA.

MN-700 Base Station Configuration Guide 18

Wired Equivalent Privacy (WEP)

When you enable WEP, you must choose between 64-bit or 128-bit WEP encryption. The number defines the strength of the data encryption. The higher the number, the more difficult the data is to decrypt.

After you select the wireless encryption strength, you must enter a WEP key. For 64-bit encryption, your WEP key must consist of ten hexadecimal digits. For 128-bit encryption, your WEP key must consist of 26 hexadecimal digits.

A hexadecimal digit is a number or letter in the range 0–9 or A–F.

You must store the WEP key that you establish on the base station on each of your networked computers. This key enables each computer to communicate with the base station. If you are enabling WEP for the first time or changing your network key, be sure to update the wireless security settings for each of your wireless network devices.

You can update the WEP settings for a Microsoft wireless adapter from the Broadband Network Utility. If you are using a non-Microsoft adapter, use the software installed with that adapter to update these settings.

To enable WEP wireless security

1.

Open the Base Station Management Tool, and then click Security.

2.

On the Security menu, click Wireless Security.

3.

Under Wireless encryption, select 128-bit WEP (strong), or leave the default setting of 64-bit WEP (standard).

4.

Type a WEP key in the WEP Key box. For 64-bit encryption, the WEP key must be 10 characters in length. For

128-bit encryption, the WEP key must be 26 characters in length. WEP keys can contain numbers and the letters

A through F.

5.

To save the wireless security (WEP) settings, click Apply.

Wi-Fi Protected Access (WPA)

WPA provides 256-bit data encryption to help protect your network data. This is the strongest data encryption available.

Although WPA is a stronger form of wireless security than WEP, you can enable it only on computers running

Windows XP operating system with Service Pack 1 and the WPA Support Patch installed. You can download the Windows XP Support Patch for WPA at www.support.microsoft.com.

Warning Do not enable WPA on the base station unless all the devices on your network meet the specified system requirements.

When you enable WPA, you establish a passphrase. This passphrase generates a network key dynamically.

You must store the WPA passphrase that you establish on the base station on each of your networked computers.

This passphrase enables each computer to communicate with the base station. If you are enabling WPA for the first time or changing your passphrase, be sure to update the passphrase on each of your wireless network devices.

To enable wireless security (WPA)

1.

Open the Base Station Management Tool, and then click Security.

2.

On the Security menu, click Wireless Security.

3.

On the Wireless Security page of the Base Station Management Tool, under Wireless Encryption, select 256-bit

WPA-PSK (strongest).

4.

In the Passphrase box, type a WPA passphrase. Your passphrase can be between 8 and 63 characters.

5.

To save your wireless security settings, click Apply.

MN-700 Base Station Configuration Guide 19