1 / 88

802.11b Access Point and Device Point Technical training

802.11b Access Point and Device Point Technical training. http://www.axis.com. Agenda. Marketing information System Overview WLAN Technology Security 802.11b Access point 802.11b Device Point Hands on Training. Marketing information (not yet). System Overview. System Overview.

taro
Télécharger la présentation

802.11b Access Point and Device Point Technical training

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. 802.11b Access Point and Device PointTechnical training http://www.axis.com

  2. Agenda • Marketing information • System Overview • WLAN Technology • Security • 802.11b Access point • 802.11b Device Point • Hands on Training

  3. Marketing information (not yet)

  4. System Overview

  5. System Overview The 802.11b Access Point is connected on the main network. The Camera is connected to the 802.11b Device Point.

  6. System Overview Internet Device Point Wired Network Device Point Access Point Device Point

  7. Future overview *Today only one device can be connected to the Device Point through the network interface but in next SW-release will contain multiple device support. This is not a big issue in our customers cases. Our customers will probably only connect one camera to each Device Point.

  8. Future overview Internet Device Point Wired Network Access Point Wired Network Device Point Multi-Client Support (will be available)

  9. How to connect the 802.11b Access Point • Connect the 802.11b Access Point on the main network. • Configure the 802.11b Access Point from a computer on the main network (Smart AP utility) • Configure the network parameters and the Security-settings.

  10. How to connect the Camera to the 802.11b Device Point • Use a cross over connected UTP Ethernet cable to connect the Camera Server to the Device Point. • The 802.11b Device Point is a bridge (converter) between cabled Ethernet and wireless Ethernet (IEEE 802.11b). • Today only one camera can be connected to each Device Point.

  11. Wireless LAN Technologies Overview

  12. Network Definitions • Channel • The medium use for passing data in specific frequency, such as 2.4GHz. • BSS (Basic Service Set): • The conceptual area within which members of a basic service set may communicate • Infrastructure mode • ESS (Extended Service Set): • A set of one or more interconnected BSSs and integrated WLANs. • Infrastructure mode • IBSS (Independent BSS) • Ad-Hoc mode Authentication • Association • Wired Equivalent Privacy (WEP) • Wireless Distribution System (WDS) • The whole interconnected Wireless LAN, including the different cells, their respective Access Points and the Distribution System

  13. Wired Network Access Point Client Infrastructure-BSS • BSS/ESS uses infrastructure mode. Basic Service Set – single cell

  14. Access Point Wired Network Access Point Client Client Infrastructure-ESS

  15. Ad-Hoc (IBSS) • IBSS uses Ad-Hoc mode

  16. Searching Auth. Assoc. Connected How to Join the Infrastructure Network ID : SanDisk1 Channel 7 Open system w/o WEP Wired Network Access Point ΘΞΠ ΘΞΠ ΘΞΠ Client

  17. How to Join Infrastructure Network • Synchronization • Searching target wireless networks • Active Scanning (STA probes a frame) • Passive Scanning (STA waits for a Beacon) – XI-815 • The Authentication Process • To get authenticated from the target wireless network • The Association Process • A state where a client is allowed to pass data through an AP • Additional Authentication(802.1x) • Exchange the ID & Password with RADIUS server

  18. Roaming

  19. Inter-cell Roaming

  20. The Unlicensed Radio Frequency Spectrum 5.15-5.35 5.725-5.825GHz IEEE 802.11a HiperLAN/2

  21. Physical Layer

  22. Channel Plan – 802.11/11b/11g

  23. Channel Spacing (5MHz) 2.462 2.437 2.412 Non-overlapping channels

  24. Co-Channel Interference 3 11 1 1 1 1 1 2 6 2 6 2 6 3 11 3 11 1 1 1 1 1 1 2 6 2 6 3 11 3 11 3 11 1 1 1 1 2 6 • Channel Plan : {1,6,11} or {…} • Hidden notes interfere

  25. Robust for Interference • Sources of interference in 2.4GHz band • Main Source: consumer microwave ovens • – Spread Spectrum Receiver design allows narrowband interference • – Rate reduction allows even more robust operation • Other radios • – RFID tag ( radio frequency ID tag ) • – Generally, various systems , such as FHSS and DSSS in the 2.4GHz and will interfere with each other •  All FHSS systems will interfere with each other to some extent • Bluetooth, IEEE802.11 and Home RF are currently imcompatible and will interfere •  IEEE802.11 and Home RF interoperability is currently being evaluated by Home RF working group

  26. Security

  27. Why Security is so important? • Privacy • Preventing Unauthorized Access • Information security (read only/fully authorized) • Preventing Attacks • Virus • Personal Security Policy • Networking Security Policy • Tunnel • Firewall

  28. How to protect your network? • Use virus protection software • Use firewall • Set up personal and group firewall. • Do not open unknown email attachments • Do not run programs of unknown origin • Disable hidden filename extensions • Keep all applications (including your operating system) patched • Turn off your computer or disconnect from the network when not in use • Disable Java, JavaScript, and ActiveX if possible • Disable scripting features in email programs • Make regular backups of critical data • Make a boot disk in case your computer is damaged or compromised

  29. Security in the 802.11b • SSID (Wireless network name) • Authentication • Open system • Share Key • MAC address Control • WEP-keys

  30. However… • Wireless Network Vulnerability • 2.4GHz radio signal and unlicensed band • Broadcasting all the time • WEP Encryption has been broken by certain means, it is not secure any more. • Authentication process is not strong enough since WEP encryption has been defeated.

  31. Recommendation 1 • More secure with WEP on than with WEP off. • The wireless link between the AP and client is only one small part of a secure network. • Large companies should implement end-to-end security • VPN, RADIUS, IEEE 802.1x • Home and small business can take several measures to improve security until a solution is available

  32. Recommendation 2 • Turn WEP on and manage your WEP key by changing the default key • Changing the WEP key, daily to weekly. • Password protect drives and folders. • Change the default SSID (Wireless Network Name). • Use MAC address control. • Use a VPN system. Though it would require a VPN server, the VPN client is already included in many operating systems such as Windows 98 Second Edition, Windows 2000 and Windows XP.

  33. 802.11b Access Point

  34. Hardware Overview • Solution • Atmel (Z-Com) • PowerSupply - 5V • LANPort • One 10Base RJ-45 LAN port – a cross Ethernet cable is included • AntennaDesign • One Dipole and one PIFA

  35. Led Status PWR Yellow Power enabled WLAN Yellow Flashing: Wireless LAN traffic activity LAN Yellow Off: No Ethernet traffic activity Flashing: Wired LAN traffic activity On: Connectto the Ethernet. Off: No Wireless LAN activity

  36. Feature Highlights • AP Operation Modes • AP • Repeater • AP with Repeating • Configuration Management • Web-based and Windows-based configuration • SNMP MIBII support

  37. Wired Network AP with Repeating AP with Repeating Wired Network AP with Repeating The AP is capable of performing AP and Wireless Bridge function at the same time. Same channel is required for all bridges. AP with Repeating

  38. AP / Repeater only Wired Network AP with Repeating Wired Network Bridge (repeater) Repeater Bridge While using a wireless bridge in this configuration has the advantage of extending the link, it has the disadvantage of decreased throughput due to having to repeat all frames using the same half duplex radio. Same channel is required for all bridges. Bridge (repeater)

  39. Feature Highlights (Cont.) • Standard: Wi-Fi Compliant (not certified) • Security • WEP encryption up to 128-bits • MAC Filtering (up to 128 wireless nodes) • Hidden Access Point

  40. What security means does 802.11b Access Point provide? (I) • WEP • 40bit encryption • Alphanumeric: 5 characters • Hexadecimal: 10 hexadecimal digits • 128bit encryption • Alphanumeric: 13 characters • Hexadecimal: 26 hexadecimal digits

  41. What security means does 802.11b Access Point provide? (II) • MAC Access Control • Enable MAC access control • Click “Add” to enter MAC addresses • Click “Apply” • Only the client with the MAC address that is listed on the table is allowed to associate with the Access Point • At most 128 clients

  42. What security means does 802.11b Access Point provide? (III) • Enable Security and select “Hide Access Point” to make AP invisible for AP browsing engaged by stations. • If stations get the correct SSID, stations still can connect to AP by assigning SSID manually.

  43. 802.11b Access Point Management/Configuration

  44. How to configure the 802.11b Access Point • Via Web-based utility • Via Windows-based utility

  45. Windows-Based Utility By installing and using Wireless Access Point Utility in Any PC on the local network, you may then access and configure the Wireless Station Adapter Anywhere on the local network. Password: default

  46. Windows-Based Utility - Info Shows the Current Information of the Wireless Station Adapter, including ESSID, AP name, Channel, Mode, SNMP, DHCP Client, IP address, subnetmask and default gateway.

  47. Windows-Based Utility – Parameter Setup Configurable parameters includes ESSID, AP name, Channel, Mode, SNMP, DHCP Client, IP address subnetmask, default gateway and password.

  48. Windows-Based Utility – Security To prevent unauthorized wireless stations from accessing data transmitted over the network, the Wireless LAN Micro Access Point offers security Options such as WEP, MAC Access Control as well as Hide AP Access.

  49. Windows-Based Utility – WEP For 40-bit WEP • ASCII: 5 characters (case sensitive) ranging from “a-z”, “A-Z” and “0-9” (e.g. MyKey) • Hex:10 hexadecimal digits in the range of “A-F”, “a-f” and “0-9” (e.g. 11AA22BB33) • Passphrase: click Generate to generate WEP keys automatically. For 128-bit WEP • ASCII: 13 characters (case sensitive) ranging from “a-z”, “A-Z” and “0-9” (e.g. MyKey12345678) • Hex:26 hexadecimal digits in the range of “A-F”, “a-f” and “0-9” (e.g. 00112233445566778899AABBCC) • Passphrase : click Generate to generate WEP keys automatically.

  50. Windows-Based Utility – MAC Access Control With the Access Control Table enabled, you can authorize wireless units to access the Access Point by identifying the MAC address of the wireless devices that are allowed access to transmit data.

More Related