https://learningnetwork.cisco.com/community/connections/china
Copyright @ 2010 Cisco Systems Inc. All rights reserved.
This doc is for reference only. Please refer to the exam authority for details. If you want to repost this
document, please properly reference the author and the source website
https://learningnetwork.cisco.com/community/connections/china
CCNA Study Group on Wireless LAN
Authored by Mark Ng and Patrick Ng July 2010
Wireless LAN basics
Wireless LAN refers to the networks where connectivity is provided not through
physical cabling, but via radio waves. The most prominent and common standard
is the IEEE 802.11 standard. The ITU, Wi-Fi alliance as we as the Federal
Communications and Commission (FCC) also provide guidance to the building of
standards.
As of today, the available 802.11 standards include 802.11, 802.11b, 802.11g and
802.11n which prescribe different channels and speed supported.
A wireless LAN device can operate in one of two modes: Ad hoc or Infrastructure
mode. In Ad hoc mode, wireless LAN devices, usually PCs or handheld devices,
communicate with each other directly. For example, a user my sync his/her
mobile phone address book with his/her laptop by connecting the two devices in
Ad hoc mode. In infrastructure mode, one or more special devices called an
Access Point (AP) is involved. The AP, connected to the rest of the physical
network, acted as an access devices where all the wireless LAN devices connect
to.
https://learningnetwork.cisco.com/community/connections/china
Copyright @ 2010 Cisco Systems Inc. All rights reserved.
This doc is for reference only. Please refer to the exam authority for details. If you want to repost this
document, please properly reference the author and the source website
https://learningnetwork.cisco.com/community/connections/china
Wireless LAN advantages and disadvantages
The biggest advantage of wireless LAN is that it is easy
provide network access to devices and users, beca
cables or installation of wall jacks
users actually access the network.
On the other hand, because of the open nature of wireless LAN, several
challenges are presented. The first and f
administrator needs to make sure that only authorized users have access to the
network.
Wireless LAN security
When configuring wireless LAN de
to several points:
SSID
SSID, or Service Set Identifier, is a string that identifies a particular wireless LAN
device. By default, most APs broadcast their SSID so that users can find them.
However, it is a good idea for an administrator to disable the broadcasting of SSID
https://learningnetwork.cisco.com/community/connections/china
Copyright @ 2010 Cisco Systems Inc. All rights reserved.
This doc is for reference only. Please refer to the exam authority for details. If you want to repost this
document, please properly reference the author and the source website
ps://learningnetwork.cisco.com/community/connections/china
Wireless LAN advantages and disadvantages
ireless LAN is that it is easy for an administrato
devices and users, because no running of physical
or installation of wall jacks is needed, and it does not dictate where the
users actually access the network.
On the other hand, because of the open nature of wireless LAN, several
The first and foremost of which is security
administrator needs to make sure that only authorized users have access to the
When configuring wireless LAN devices, an administrator needs to pay attention
Service Set Identifier, is a string that identifies a particular wireless LAN
device. By default, most APs broadcast their SSID so that users can find them.
However, it is a good idea for an administrator to disable the broadcasting of SSID
https://learningnetwork.cisco.com/community/connections/china
This doc is for reference only. Please refer to the exam authority for details. If you want to repost this
document, please properly reference the author and the source website
for an administrator to
use no running of physical
is needed, and it does not dictate where the
On the other hand, because of the open nature of wireless LAN, several
oremost of which is security – the
administrator needs to make sure that only authorized users have access to the
pay attention
Service Set Identifier, is a string that identifies a particular wireless LAN
device. By default, most APs broadcast their SSID so that users can find them.
However, it is a good idea for an administrator to disable the broadcasting of SSID
https://learningnetwork.cisco.com/community/connections/china
Copyright @ 2010 Cisco Systems Inc. All rights reserved.
This doc is for reference only. Please refer to the exam authority for details. If you want to repost this
document, please properly reference the author and the source website
https://learningnetwork.cisco.com/community/connections/china
and advise their authorized users of the SSID through other means. This way, it
becomes more difficult for unauthorized users to connect to the AP.
MAC filtering
Most AP devices allow the administrator to configure MAC filtering. The
administrator can configure a list of MAC addresses of wireless access devices
such as wireless network interface cards, wireless USB dongles, etc so that only
laptops or PCs with those devices can access the network through those APs. This
is because it is relatively difficult for an unauthorized user to guess and fake the
secret list of MAC addresses.
Encryption
Since wireless connectivity is provided through radio waves, it is possible for
unauthorized users to sniff the network data by listening and deciphering the
radio wave traffic. To protect the privacy of the wireless communication, an
administrator needs to make sure the wireless traffic are encrypted. There are
several encryption standards for wireless LAN available today:
Wired Equivalent Privacy (WEP)
In WEP, a static 64 bit or 128 bit key is preconfigured on both the AP and the
accessing wireless devices. WEP is relatively insecure and difficult to scale
because the encryption employed is weak and the key needs to be manually
configured on all the accessing devices.
WiFi Protected Access (WAP)
The WPA-1 standard improves upon the security of WEP by employing TKIP
(Temporal Key Integrity Protocol) encryption standard. At a later point, the WPA-2
comes along and replaced TKIP with the even more secure AES (Advanced
Encryption Standard).
It is important to note that not all wireless devices support WAP standard. In
particular, devices manufactured before WAP standards were produced may not
be upgradable to use the new standard.