Application Scenarios for WLAN Security Policies
Commonly Used Security Policy for Households and SOHO Networks
Households and SOHO networks do not require high security. They usually use the WPA/WPA2 personal edition and do not require an authentication server.
Commonly Used Security for Enterprise Networks
Enterprise networks require high security. They usually use the 802.1X-based WPA/WPA2 enterprise edition and deploy an authentication server.
Commonly Used Security Policy for Carrier Networks
Besides WEP, WPA, WPA2 that are specific to wireless users, carriers can combine WLAN security policies with port authentication to enhance security of wireless users. Port authentication methods include 802.1X authentication, MAC address authentication, and Portal authentication. For details about the authentication methods, see "NAC Configuration (Unified Mode)" in the S2720, S5700, and S6700V200R019C10 Configuration Guide > User Access and Authentication Configuration Guide.
As shown in Figure 1, a carrier WLAN network usually uses WEP (no authentication, no encryption) and Portal authentication. When a STA attempts to connect to wireless network, the AC pushes the Portal authentication web page to the user. The user must enter the user name and password on the displayed web page. If the user is successfully authenticated by the RADIUS server, the user can connect to the Internet wirelessly.
