info_i_25x25.png See important information about Ubiquiti Devices and KRACK Vulnerability in this article. We will update this document as more information becomes available.

What type of security should I configure on my airMAX radio network?


Enabling security is an essential part of any airMAX network. This ensures that radios are securely managed by trusted adminstrators knowing the password. airMAX gives adminstrators the flexibility to choose between security types, regardless of the scenario for deployment. Enable security first at the AP and enter the same settings at the station radio.


WPA2-AES (Recommended Security & Encryption) 

WPA2 (Wireless Protected Access II) security mode with AES (Advanced Encryption Standard) type 256bit encryption. AES is also known as CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol). WPA2 is always recommended over its predecessor, WPA.

Because encryption occurs within the wireless hardware chip, the CPU/memory are not affected and highest data rates are achievable (MCS15 & MCS7 for 2x2 & 1x1 devices, respectively).



WPA (Wi-Fi Protected Access) security modes with TKIP (Temporal Key Integrity Protocol) support only. TKIP uses the RC4 encryption algorithm. There is a performance limitation to using TKIP, so we recommend using AES.



WPA security modes without advanced encryption.



WEP (Wired Equivalent Privacy) is the oldest and least secure security algorithm and is not recommended. Legacy hardware may require WEP or WPA in certain circumstances.



 Open network, ideal for guest networks or whenever RADIUS MAC authentication & MAC ACL are used.