Page 61 / 193 Scroll up to view Page 56 - 60
61
The
Network Time Protocol
(
NTP
) is an Internet standard protocol that synchronizes
computer clock times on your network. NTP servers transmit
Coordinated Universal
Time
(UTC, also known as
Greenwich Mean Time
) to their client systems. NTP sends
periodic time requests to servers, using the returned time stamp to adjust its clock.
The timestamp will be used to indicate the date and time of each event in log
messages
.
See
for more general information on NTP.
The following sections describe how to configure the D-Link DWL-2210AP to use a
specified NTP server:
• Navigating to Time Protocol Settings
• Enabling or Disabling a Network Time Protocol (NTP) Server
• Updating Settings
Enabling the Network Time Protocol Server
Page 62 / 193
62
Enabling the Network Time Protocol Server
Navigating to Time Protocol Settings
To enable an
NTP
server, navigate to the
Advanced > Time Protocol
tab, and update the
fields as described below.
Page 63 / 193
63
To configure your access point to use a network time protocol (
NTP
) server, first
enable
the use of NTP, and then select the NTP server you want to use. (To shut down NTP
service on the network, disable NTP on the access point.)
Field Description
Updating Settings
To apply your changes, click
Update
.
Network Time Protocol
NTP provides a way for the access point to obtain and maintain its
time from a server on the network. Using an NTP server gives your
AP the ability to provide the correct time of day in log messages
and session information.
(See
for more general information on NTP.)
Choose to either enable or disable use of a network time protocol
(NTP) server:
• Enabled
• Disabled
NTP Server
If NTP is enabled, select the NTP server you want to use.
You can specify the NTP server by host name or IP address,
although using the IP address is not recommended as these can
change more readily.
Field
Description
Enabling or Disabling a Network Time Protocol (NTP) Server
Enabling the Network Time Protocol Server
Page 64 / 193
64
Configuring Security
The following sections describe how to configure Security settings on the D-Link
DWL-2210AP:
• Understanding Security Issues on Wireless Networks
• How Do I Know Which Security Mode to Use?
• Comparison of Security Modes for Key Management, Authentication and
Encryption Algorithms
• Does Prohibiting the Broadcast SSID Enhance Security?
• Navigating to Security Settings
• Configuring Security Settings
• Broadcast SSID and Security Mode
• Plaintext
• Static WEP
• IEEE 802.1x
• WPA with RADIUS
• WPA-PSK
• Updating Settings
Understanding Security Issues on Wireless Networks
Wireless mediums are inherently less secure than wired mediums. For example, an
Ethernet NIC transmits its packets over a physical medium such as coaxial cable or
twisted pair. A wireless NIC broadcasts radio signals over the air allowing a wireless
LAN to be easily tapped without physical access or sophisticated equipment. A hacker
equipped with a laptop, a wireless NIC, and a bit of knowledge can easily attempt to
compromise your wireless network. One does not even need to be within normal range
of the access point. By using a sophisticated antenna on the client, a hacker may be
able to connect to the network from many miles away.
The D-Link DWL-2210AP provides a number of authentication and encryption schemes
to ensure that your wireless infrastructure is accessed only by the intended users. The
details of each security mode are described in the sections below.
See also the related topic, “Appendix A: Configuring Security Settings on Wireless
Clients” in this manual.
Page 65 / 193
65
How Do I Know Which Security Mode to Use?
In general, we recommend that on your Internal network you use the most robust
security mode that is feasible in your environment. When configuring security on
the access point, you first must choose the security mode, then in some modes an
authentication algorithm, and whether to allow clients not using the specified security
mode to associate.
Wi-Fi Protected Access
(
WPA
) with
Remote Authentication Dial-In User Service
(
RADIUS
) using the CCMP (AES) encryption algorithm provides the best data protection
available and is clearly the best choice if all client stations are equipped with WPA
supplicants. However, backward compatibility or interoperability issues with clients or
even with other access points may require that you configure WPA with RADIUS with a
different encryption algorithm or choose one of the other security modes.
That said, however, security may not be as much of a priority on some types of networks.
If you are simply providing internet and printer access, as on a guest network, plain text
mode (no security) may be the appropriate choice. To prevent clients from accidentally
discovering and connecting to your network, you can disable the broadcast SSID so
that your network name is not advertised. If the network is sufficiently isolated from
access to sensitive information, this may offer enough protection in some situations.
This level of protection is the only one offered for guest networks, and also may be the
right convenience trade-off for other scenarios where the priority is making it as easy
as possible for clients to connect. (See “Does Prohibiting the Broadcast SSID Enhance
Security?” in this manual.)
Following is a brief discussion of what factors make one mode more secure than another,
a description of each mode offered, and when to use each mode.
Comparison of Security Modes for Key Management, Authentication
and Encryption Algorithms
Three major factors that determine the effectiveness of a security protocol are:
• How the protocol manages keys
• Presence or absence of integrated user authentication in the protocol
• Encryption algorithm or formula the protocol uses to encode/decode the data
Configuring Security

Rate

4.5 / 5 based on 2 votes.

Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top