Overview Of Security Features; Static Wep Keys - Cisco Aironet 340 Series Installation And Configuration Manual

Overview of Security Features

Overview of Security Features
When you use your client adapter with Windows CE, you can protect your data as it is transmitted
through your wireless network by encrypting it through the use of wired equivalent privacy (WEP)
encryption keys. With WEP encryption, the transmitting device encrypts each packet with a WEP key,
and the receiving device uses that same key to decrypt each packet.
The WEP keys used to encrypt and decrypt transmitted data can be statically associated with your
adapter or dynamically created as part of the LEAP authentication process. The information in the

"Static WEP Keys"

type of WEP keys you want to use. Dynamic WEP keys with LEAP offer a higher degree of security than
static WEP keys.
WEP keys, whether static or dynamic, are either 40 or 128 bits in length. 128-bit WEP keys contain more
information than 40-bit keys and, therefore, offer a greater level of security.
Refer to the
Note
security features that can make your WEP keys even more secure.
Static WEP Keys
Each device within your wireless network can be assigned up to four static WEP keys. If a device
receives a packet that is not encrypted with the appropriate key (as the WEP keys of all devices that are
to communicate with each other must match), the device discards the packet and never delivers it to the
intended receiver.
Static WEP keys are write-only and temporary; therefore, they cannot be read back from the client
adapter and they are lost when power to the adapter is removed or the Windows CE device is rebooted.
Although the keys are temporary, you do not need to re-enter them each time the client adapter is inserted
or the Windows CE device is rebooted. This is because the keys are stored (in an encrypted format for
security reasons) in the registry of the Windows CE device. When the driver loads and reads the client
adapter's registry parameters, it also finds the static WEP keys, unencrypts them, and stores them in
volatile memory on the adapter.
Prior versions of the client software for Windows CE permitted WEP keys to be stored in either Flash
Note
memory (persistent) or volatile memory (temporary). If your client adapter has WEP keys that are
stored in Flash memory from a prior release, Client Encryption Manager (CEM) version 2.10 or
greater allows you to store WEP keys only in volatile memory, and these keys are used instead of
those stored in Flash memory.
The CEM utility enables you to view the current WEP key settings for the client adapter and then to
assign new WEP keys or overwrite existing WEP keys, and the Aironet Client Utility (ACU) allows you
to enable or disable static WEP. Refer to the
Cisco Aironet Wireless LAN Client Adapters Installation and Configuration Guide for Windows CE
4-2
and "Dynamic WEP Keys with LEAP"
"Additional WEP Key Security Features" section on page 4-4
Chapter 4
sections below can help you to decide which
"Using Static WEP" section on page 4-6
Enabling Security Features
for information on three
for instructions.
OL-1375-02