Hitron Technologies CVE-30360 Router Manual PDF (Setup & Configuration Guide)

Home

Manuals

Hitron Technologies

CVE-30360

Page 71 / 98 Scroll up to view Page 66 - 70

HITRON CVE-30360 USER’S GUIDE

WIRELESS

6.1.3

BASIC WIRELESS SECURITY

Radio is inherently an insecure medium, since it can be intercepted by anybody in the

coverage area with a radio receiver. Therefore, a variety of techniques exist in an

attempt to secure it.

These techniques control authentication (identifying who should be allowed to join the

network) and encryption (signal scrambling so that only authenticated users can

decode the transmitted data). The sophistication of each security method varies, as

does its effectiveness.

The CVE-30360 supports the following wireless security protocols (in order of

effectiveness):

For more information on these security protocols, see

Advanced Wireless Security

page

6.2

WIRELESS TUTORIALS

This section walks you through some of the more common wireless networking tasks.

NOTE:

For basic wireless network setup, please see the Quick Installation Guide that

came with your CVE-30360.

These tasks include:



Choosing a Security Method

on page



Changing the Wireless Password

on page



Changing the Network Name (SSID)

on page



Hiding the Network

on page



Improving the Wireless Network’s Performance

on page

6.2.1

CHOOSING A SECURITY METHOD

The security method that you choose to use for your wireless network depends upon

the security methods supported by the devices on the network (the CVE-30360, your

PC, your laptop, and so on).

Not all devices support the same security methods, so you must find out what

security methods each of the supports, and choose a method that they all support.

Least secure



No security



WEP



WPA-PSK

Most secure



WPA2-PSK

Page 72 / 98

HITRON CVE-30360 USER’S GUIDE

WIRELESS

You should choose the best security method available; see

Basic Wireless Security

on page

for a list of methods the CVE-30360 supports, in order of effectiveness.

In order to find out which security methods your other wireless devices support, you

can:



Look at the wireless device and see if it has a label listing the methods

supported.



Look at any documentation or packaging that came with the device.



Go into the device’s configuration utility and look for a list of supported methods.

This is often displayed as a drop-down list from which you can select an option.



Go to the device’s manufacturer’s website and look for an information page that

lists the device’s specifications.

If you want to use WPS (see

WPS

on page

) all the wireless clients must also

support WPS. There are two ways to determine if this is the case (in addition to those

described above):



Look at the wireless device and see if it has a physical button labeled “WPS” or

something similar, a wireless “wave” icon (something like

), or the “Wi-Fi

Protected Setup” logo. If any of these are the case, the device probably supports

the WPS PBC (“Push-Button Configuration”) method.



Go into the wireless device’s configuration utility and look for a “WPS” or “Wi-Fi

Protected Setup” screen. This screen should let you know whether the device

supports WPS PBC method, the WPS PIN method, or both (some devices have

a PBC button in their configuration utilities, in addition to or instead of a physical

button).

Once you have chosen a security method, you can select it on the CVE-30360 in the

Wireless

Security

screen’s

Security Mode

field (see

The Security Screen

page

6.2.2

CHANGING THE WIRELESS PASSWORD

Only wireless clients with the correct password can access the network. It’s a good

idea to change your wireless network’s password every so often, if you think

someone knows it who shouldn’t, or if there’s suspicious activity on your network.

You should change the password on the CVE-30360, then change the password on

each of your wireless clients.

The procedure for changing the password on the CVE-30360 depends on the

security method your network is using.



If you are using the WPS PBC (“Push-Button Configuration”) security method,

where you press a button on the CVE-30360 and the other wireless devices,

which connect automatically, just run the WPS PBC process again; see the

Quick Installation Guide that came with your CVE-30360 for more information on

how to do this.

Page 73 / 98

HITRON CVE-30360 USER’S GUIDE

WIRELESS



If you are using the WPS PIN security, where you have a WPS password that

you enter into each device on the network, go to the

Wireless

Basic

screen

and click the

button. In the screen that displays, enter the WPS PIN that you

want to use for the CVE-30360, or the WPS PIN of the client device you want to

add to the network.



If you are using WEP, go to the

Wireless

Security

screen. Use the

WEP

Settings

section to define the key(s) you want to use. Click

Apply

when you

have finished.



If you are using WPA-PSK or WPA2-PSK, go to the

Wireless

Security

screen. In the

WPA_Personal

section, enter the new password in the

Pre-

Shared Key

field. Click

Apply

when you have finished.

Whichever security method you are using, when you change the password on the

CVE-30360, the other devices will not be able to connect to the network until you

change their passwords as well.

The way in which you change the password on the client devices differs according to

manufacturer and model. In general, you will need to log in to the device’s

configuration utility and perform a similar procedure to the one you just performed on

the CVE-30360, unless you are using the WPS PBC method, in which case you must

press the button within two minutes of pressing the button on the CVE-30360.

NOTE:

If you are using WPS PBC, bear in mind that any device that also supports

WPS can connect to the CVE-30360 during the connection period. It is

therefore not an ideal method to use in public places, or if you suspect

someone is attempting to gain unauthorized access to the network.

6.2.3

CHANGING THE NETWORK NAME (SSID)

To change your wireless network’s SSID (the name that displays when you scan for

wireless networks on your wireless client), go to the

Wireless

Basic

screen. Enter

the new network name in the

SSID Name

field and click

Apply

NOTE:

Since the SSID is required to connect to a network, you will need to re-

connect your wireless client devices to the new SSID.

6.2.4

HIDING THE NETWORK

There are various reasons that you might not want your network to be visible to

people scanning for available networks. To do this, go to the

Wireless

Basic

screen. Select the

Hidden

checkbox and click

Apply

6.2.5

IMPROVING THE WIRELESS NETWORK’S

PERFORMANCE

There are two main factors that affect how well your wireless devices can

communicate:

Page 74 / 98

HITRON CVE-30360 USER’S GUIDE

WIRELESS

Interference from physical objects

Radio Frequency (RF) interference

To minimize interference from physical objects:



Move the CVE-30360 away from walls, heavy furniture, other massive or

metallic objects like refrigerators, and so forth.



Install the CVE-30360 in a higher location.

To minimize RF interference:



Move the CVE-30360 away from sources of RF energy such as wireless

telephone base stations, microwaves, and so forth.



Conduct a wireless site audit to see if other wireless networks are interfering with

yours. If so, you can change the wireless channel to one that isn’t so congested.

To conduct a site audit on the CVE-30360, go to the

Wireless

WiFi Site

Survey

screen. Click

Scan

. The screen that displays shows the wireless

networks in the area, the

field shows the channel they are using, and the

Signal (%)

field shows how strongly the CVE-30360 is receiving their signal

(bear in mind that the strength of a network at the CVE-30360’s location is not

necessarily the same as at your wireless client’s location; it may be much

stronger there).

If there are a lot of networks or a very strong network using a single channel or a

group of channels, you can change the CVE-30360’s channel to one further

away from the congested channel. To do this on the CVE-30360, go to the

Wireless

Basic

screen and choose an option from the

Channel

list. You

should choose a channel as far away from the congested area as possible;

ideally a difference of five channels is desirable.

Depending on their configuration, you may also then need to change the channel

on your wireless client devices.

6.3

ADVANCED WIRELESS NETWORKING

This section provides more technical information about wireless networks.

NOTE:

If you are just setting up your wireless network in a standard configuration

(covered in Wireless Tutorials on page 71) you do not need to read this

section.

6.3.1

ADVANCED WIRELESS SECURITY

This section describes the CVE-30360’s supported security protocols in greater

detail.

Page 75 / 98

HITRON CVE-30360 USER’S GUIDE

WIRELESS



WEP

(the Wired Equivalency Protocol): this protocol uses a series of “keys” or

data strings to authenticate the wireless client with the AP, and to encrypt data

sent over the wireless link. WEP is a deprecated protocol, and should only be

used when it is the only security standard supported by the wireless clients.

WEP provides only a nominal level of security, since widely-available software

exists that can break it in a matter of minutes.



WPA-PSK

(WiFi Protected Access - Pre-Shared Key): WPA was created to

solve the inadequacies of WEP. There are two types of WPA: the “enterprise”

version (known simply as WPA) requires the use of a central authentication

database server, whereas the “personal” version (supported by the CVE-30360)

allows users to authenticate using a “pre-shared key” or password instead.

While WPA provides good security, it is still vulnerable to “brute force”

password-guessing attempts (in which an attacker simply barrages the AP with

join requests using different passwords), so for optimal security it is advised that

you use a random password of thirteen characters or more, containing no

“dictionary” words.



WPA2-PSK

: WPA2 is an improvement on WPA. The primary difference is that

WPA uses the Temporal Key Integrity Protocol (TKIP) encryption standard

(which has been shown to have certain possible weaknesses), whereas WPA2

uses the stronger Advanced Encryption Standard (AES) in the Counter mode

with Cipher block chaining Message authentication code Protocol (CCMP),

which has received the US government’s seal of approval for communications

up to the Top Secret security level. Since WPA2-PSK uses the same pre-shared

key mechanism as WPA-PSK, the same caveat against using insecure or

simple passwords applies.

6.3.2

OTHER WIRELESS CONCEPTS

This section provides information on wireless-related topics not covered in previous

sections.

6.3.2.1

WPS

WiFi-Protected Setup (WPS) is a standardized method of allowing wireless devices

to quickly and easily join wireless networks, while maintaining a good level of

security. The CVE-30360 provides two methods of WPS authentication:



Push-Button Configuration

(PBC)

: when the user presses the

PBC

button on

the AP (either a physical button, or a virtual button in the GUI), any user of a

wireless client that supports WPS can press the corresponding

PBC

button on

the client within two minutes to join the network.



Personal Identification Number (PIN) Configuration

: all WPS-capable

devices possess a PIN (usually to be found printed on a sticker on the device’s

housing). When you configure another device to use the same PIN, the two

devices authenticate with one another.

Once authenticated, devices that have joined a network via WPS use the WPA2

security standard.

Rate

Popular Hitron Technologies Models

Famous Router IPs

Famous Router Companies

Bookmark Our Site

Share