1. Home
    2. /
  2. Manuals
    3. /
  3. Hitron Technologies
    4. /
  4. CVE-30360
    5. /
  5. 15
Page 71 / 98 Scroll up to view Page 66 - 70
71
HITRON CVE-30360 USER’S GUIDE
WIRELESS
6.1.3
BASIC WIRELESS SECURITY
Radio is inherently an insecure medium, since it can be intercepted by anybody in the
coverage area with a radio receiver. Therefore, a variety of techniques exist in an
attempt to secure it.
These techniques control authentication (identifying who should be allowed to join the
network) and encryption (signal scrambling so that only authenticated users can
decode the transmitted data). The sophistication of each security method varies, as
does its effectiveness.
The CVE-30360 supports the following wireless security protocols (in order of
effectiveness):
For more information on these security protocols, see
Advanced Wireless Security
on
page
74
.
6.2
WIRELESS TUTORIALS
This section walks you through some of the more common wireless networking tasks.
NOTE:
For basic wireless network setup, please see the Quick Installation Guide that
came with your CVE-30360.
These tasks include:
Choosing a Security Method
on page
71
Changing the Wireless Password
on page
72
Changing the Network Name (SSID)
on page
73
Hiding the Network
on page
73
Improving the Wireless Network’s Performance
on page
73
6.2.1
CHOOSING A SECURITY METHOD
The security method that you choose to use for your wireless network depends upon
the security methods supported by the devices on the network (the CVE-30360, your
PC, your laptop, and so on).
Not all devices support the same security methods, so you must find out what
security methods each of the supports, and choose a method that they all support.
Least secure
No security
WEP
WPA-PSK
Most secure
WPA2-PSK
Page 72 / 98
72
HITRON CVE-30360 USER’S GUIDE
WIRELESS
You should choose the best security method available; see
Basic Wireless Security
on page
71
for a list of methods the CVE-30360 supports, in order of effectiveness.
In order to find out which security methods your other wireless devices support, you
can:
Look at the wireless device and see if it has a label listing the methods
supported.
Look at any documentation or packaging that came with the device.
Go into the device’s configuration utility and look for a list of supported methods.
This is often displayed as a drop-down list from which you can select an option.
Go to the device’s manufacturer’s website and look for an information page that
lists the device’s specifications.
If you want to use WPS (see
WPS
on page
75
) all the wireless clients must also
support WPS. There are two ways to determine if this is the case (in addition to those
described above):
Look at the wireless device and see if it has a physical button labeled “WPS” or
something similar, a wireless “wave” icon (something like
), or the “Wi-Fi
Protected Setup” logo. If any of these are the case, the device probably supports
the WPS PBC (“Push-Button Configuration”) method.
Go into the wireless device’s configuration utility and look for a “WPS” or “Wi-Fi
Protected Setup” screen. This screen should let you know whether the device
supports WPS PBC method, the WPS PIN method, or both (some devices have
a PBC button in their configuration utilities, in addition to or instead of a physical
button).
Once you have chosen a security method, you can select it on the CVE-30360 in the
Wireless
>
Security
screen’s
Security Mode
field (see
The Security Screen
on
page
78
).
6.2.2
CHANGING THE WIRELESS PASSWORD
Only wireless clients with the correct password can access the network. It’s a good
idea to change your wireless network’s password every so often, if you think
someone knows it who shouldn’t, or if there’s suspicious activity on your network.
You should change the password on the CVE-30360, then change the password on
each of your wireless clients.
The procedure for changing the password on the CVE-30360 depends on the
security method your network is using.
If you are using the WPS PBC (“Push-Button Configuration”) security method,
where you press a button on the CVE-30360 and the other wireless devices,
which connect automatically, just run the WPS PBC process again; see the
Quick Installation Guide that came with your CVE-30360 for more information on
how to do this.
Page 73 / 98
73
HITRON CVE-30360 USER’S GUIDE
WIRELESS
If you are using the WPS PIN security, where you have a WPS password that
you enter into each device on the network, go to the
Wireless
>
Basic
screen
and click the
PIN
button. In the screen that displays, enter the WPS PIN that you
want to use for the CVE-30360, or the WPS PIN of the client device you want to
add to the network.
If you are using WEP, go to the
Wireless
>
Security
screen. Use the
WEP
Settings
section to define the key(s) you want to use. Click
Apply
when you
have finished.
If you are using WPA-PSK or WPA2-PSK, go to the
Wireless
>
Security
screen. In the
WPA_Personal
section, enter the new password in the
Pre-
Shared Key
field. Click
Apply
when you have finished.
Whichever security method you are using, when you change the password on the
CVE-30360, the other devices will not be able to connect to the network until you
change their passwords as well.
The way in which you change the password on the client devices differs according to
manufacturer and model. In general, you will need to log in to the device’s
configuration utility and perform a similar procedure to the one you just performed on
the CVE-30360, unless you are using the WPS PBC method, in which case you must
press the button within two minutes of pressing the button on the CVE-30360.
NOTE:
If you are using WPS PBC, bear in mind that any device that also supports
WPS can connect to the CVE-30360 during the connection period. It is
therefore not an ideal method to use in public places, or if you suspect
someone is attempting to gain unauthorized access to the network.
6.2.3
CHANGING THE NETWORK NAME (SSID)
To change your wireless network’s SSID (the name that displays when you scan for
wireless networks on your wireless client), go to the
Wireless
>
Basic
screen. Enter
the new network name in the
SSID Name
field and click
Apply
.
NOTE:
Since the SSID is required to connect to a network, you will need to re-
connect your wireless client devices to the new SSID.
6.2.4
HIDING THE NETWORK
There are various reasons that you might not want your network to be visible to
people scanning for available networks. To do this, go to the
Wireless
>
Basic
screen. Select the
Hidden
checkbox and click
Apply
.
6.2.5
IMPROVING THE WIRELESS NETWORK’S
PERFORMANCE
There are two main factors that affect how well your wireless devices can
communicate:
Page 74 / 98
74
HITRON CVE-30360 USER’S GUIDE
WIRELESS
1
Interference from physical objects
2
Radio Frequency (RF) interference
To minimize interference from physical objects:
Move the CVE-30360 away from walls, heavy furniture, other massive or
metallic objects like refrigerators, and so forth.
Install the CVE-30360 in a higher location.
To minimize RF interference:
Move the CVE-30360 away from sources of RF energy such as wireless
telephone base stations, microwaves, and so forth.
Conduct a wireless site audit to see if other wireless networks are interfering with
yours. If so, you can change the wireless channel to one that isn’t so congested.
To conduct a site audit on the CVE-30360, go to the
Wireless
>
WiFi Site
Survey
screen. Click
Scan
. The screen that displays shows the wireless
networks in the area, the
Ch
field shows the channel they are using, and the
Signal (%)
field shows how strongly the CVE-30360 is receiving their signal
(bear in mind that the strength of a network at the CVE-30360’s location is not
necessarily the same as at your wireless client’s location; it may be much
stronger there).
If there are a lot of networks or a very strong network using a single channel or a
group of channels, you can change the CVE-30360’s channel to one further
away from the congested channel. To do this on the CVE-30360, go to the
Wireless
>
Basic
screen and choose an option from the
Channel
list. You
should choose a channel as far away from the congested area as possible;
ideally a difference of five channels is desirable.
Depending on their configuration, you may also then need to change the channel
on your wireless client devices.
6.3
ADVANCED WIRELESS NETWORKING
This section provides more technical information about wireless networks.
NOTE:
If you are just setting up your wireless network in a standard configuration
(covered in Wireless Tutorials on page 71) you do not need to read this
section.
6.3.1
ADVANCED WIRELESS SECURITY
This section describes the CVE-30360’s supported security protocols in greater
detail.
Page 75 / 98
75
HITRON CVE-30360 USER’S GUIDE
WIRELESS
WEP
(the Wired Equivalency Protocol): this protocol uses a series of “keys” or
data strings to authenticate the wireless client with the AP, and to encrypt data
sent over the wireless link. WEP is a deprecated protocol, and should only be
used when it is the only security standard supported by the wireless clients.
WEP provides only a nominal level of security, since widely-available software
exists that can break it in a matter of minutes.
WPA-PSK
(WiFi Protected Access - Pre-Shared Key): WPA was created to
solve the inadequacies of WEP. There are two types of WPA: the “enterprise”
version (known simply as WPA) requires the use of a central authentication
database server, whereas the “personal” version (supported by the CVE-30360)
allows users to authenticate using a “pre-shared key” or password instead.
While WPA provides good security, it is still vulnerable to “brute force”
password-guessing attempts (in which an attacker simply barrages the AP with
join requests using different passwords), so for optimal security it is advised that
you use a random password of thirteen characters or more, containing no
“dictionary” words.
WPA2-PSK
: WPA2 is an improvement on WPA. The primary difference is that
WPA uses the Temporal Key Integrity Protocol (TKIP) encryption standard
(which has been shown to have certain possible weaknesses), whereas WPA2
uses the stronger Advanced Encryption Standard (AES) in the Counter mode
with Cipher block chaining Message authentication code Protocol (CCMP),
which has received the US government’s seal of approval for communications
up to the Top Secret security level. Since WPA2-PSK uses the same pre-shared
key mechanism as WPA-PSK, the same caveat against using insecure or
simple passwords applies.
6.3.2
OTHER WIRELESS CONCEPTS
This section provides information on wireless-related topics not covered in previous
sections.
6.3.2.1
WPS
WiFi-Protected Setup (WPS) is a standardized method of allowing wireless devices
to quickly and easily join wireless networks, while maintaining a good level of
security. The CVE-30360 provides two methods of WPS authentication:
Push-Button Configuration
(PBC)
: when the user presses the
PBC
button on
the AP (either a physical button, or a virtual button in the GUI), any user of a
wireless client that supports WPS can press the corresponding
PBC
button on
the client within two minutes to join the network.
Personal Identification Number (PIN) Configuration
: all WPS-capable
devices possess a PIN (usually to be found printed on a sticker on the device’s
housing). When you configure another device to use the same PIN, the two
devices authenticate with one another.
Once authenticated, devices that have joined a network via WPS use the WPA2
security standard.

Rate

4.5 / 5 based on 2 votes.

Popular Hitron Technologies Models

Famous Router IPs
Famous Router Companies
Bookmark Our Site

Press Ctrl + D to add this site to your favorites!

Share
Top