airMAX - Security Modes

 Overview


This article describes the different wireless security modes. When creating a network, one of these must be chosen.

 

Wireless Security Mode Description
None  No encryption. Packets sent over the air are sent in the clear and can be "sniffed" with little effort.
MAC ACL (Access Control List) No encryption. Packets sent over the air are sent in the clear and can be "sniffed" with little effort. Can be used to whitelist (allow only) or blacklist (block only) clients based on their MAC addresses.   
WPA2-AES-PSK (Pre-shared Key) This is the most common security mode. It offers the best combination of performance, security and ease of use. Since it is possible to crack weak passwords, we suggest using a WPA2 password that is at least 12 characters long (up  to 63) and includes various character sets (Upper case, Lower case, special character and digits).
WPA2-AES-EAP (Extensible Authentication Protocol) Sometime referred to as WPA2-Enterprise is considered the most secure option, but requires the most configuration since an authentication server is required (RADIUS). This results in more granular control over who can connect to the network
What about WPA-TKIP and WEP? Both protocols have been depreciated by the Wi-Fi Alliance (WEP in 2004 and TKIP in 2012) and should be considered insecure.  

Related Articles


Back to Top

airMAX - How to Set Up RADIUS Server Authentication on airOS Devices (FreeRadius)

Powered by Zendesk