Filter
Top Products
Chapter 2 Preparing to Install the Cisco Wireless IP Phone 7920 on Your Wireless Network
Interactions with Components in the VoIP Network
2-6
Cisco Wireless IP Phone 7920 Administration Guide for Cisco CallManager Release 3.3 or Later
OL-3930-02
Security Mechanisms in the Wireless Network
Before a wireless client device can communicate on the network through the
access point, it must authenticate to the access point using open or shared-key
authentication. For maximum security, client devices should also authenticate to
the network using MAC-address or EAP authentication, authentication types that
rely on an authentication server on the network.
Open Authentication
Open authentication allows any device to authenticate and then attempt to
communicate with the access point. Using open authentication, any wireless
device can authenticate with the access point, but the device can communicate
only if its WEP keys match the access point's. Devices that are not using WEP do
not attempt to authenticate with an access point that is using WEP. Open
authentication does not rely on a RADIUS server on the network.
Shared Key Authentication
During shared key authentication, the access point sends an unencrypted
challenge text string to any device attempting to communicate with the access
point. The device requesting authentication encrypts the challenge text and sends
it back to the access point. If the challenge text is encrypted correctly, the access
point allows the requesting device to authenticate. Both the unencrypted
challenge and the encrypted challenge can be monitored, however, which leaves
the access point open to attack from an intruder who calculates the WEP key by
comparing the unencrypted and encrypted text strings. Because of this weakness,
shared key authentication can be less secure than open authentication. Like open
authentication, shared key authentication does not rely on a RADIUS server on
your network.
To ensure that voice traffic is secure, the Cisco Wireless IP Phone 7920 supports
both static Wired Equivalent Privacy (WEP) and Cisco Light Extensible
Authentication Protocol (LEAP) for authentication and encryption. When you use
either mechanism for encryption, both the signaling (SCCP) packets and voice
(RTP) packets are encrypted between the access point and the Cisco Wireless
IP Phone.