Glossary

This glossary will help you to understand some of the more common WLAN-related marketing, technical, security, and industry terms used throughout this book and in related publications and discussions. These definitions should not be considered canonical and are provided as a quick reference only. Finally, this list should not be considered comprehensive because many obscure terms have been omitted, and new words and phrases are often introduced as the industry grows.

Numbers

3DES

A variant of the Data Encryption Standard (DES), used for encrypting data. The encryption key for 3DES is three times the size of that used for DES. (The same key is used three times.) Also known as “Triple DES.”

802.1x

An IEEE standard for port-based network access control. Limits access to the medium (wired or wireless) until the client has been authenticated. Several authentication methods are supported via the Extensible Authentication Protocol (EAP). There are three constructs within an 802.1x system: the supplicant (or client device), the authenticator (the access point or switch), and the authentication server (the server that authenticates the session).

802.11a

An IEEE WLAN standard that defines transmission in the 5-GHz range and provides up to 54-Mbps bandwidth, although actual throughput will always be lower than this. 802.11a uses Orthogonal Frequency Division Multiplexing (OFDM), which helps provide greater bandwidth. 802.11a is not approved for use in many European countries without additional frequency and power restrictions (as defined by the supplementary 802.11h standard).

802.11b

An IEEE standard that defines transmission in the 2.4-GHz range and provides up to 11-Mbps bandwidth; actual throughput will always be lower than this. 802.11b is the most widely deployed WLAN standard today. It is being replaced by 802.11g, which is backward compatible with 802.11b equipment but can provide greater bandwidth.

802.11c

An IEEE standard, focusing on the MAC layer, that deals with wireless bridging.

802.11d

An IEEE standard that supplements the physical layer requirements (defined in other 802.11 standards), extending the operation of 802.11 WLANs to new regulatory domains (countries). Also known as “worldmode” because it ensures that compliant equipment can work in different countries, not just the United States.

802.11e

An IEEE standard that defines enhancements to the Media Access Control layer to provide quality of service (QoS). QoS is very important for wireless voice and video, but it can also be used to prioritize sensitive traffic.

802.11f

An IEEE standard for Inter Access Point Protocol (IAPP), a specification to promote multivendor access point interoperability. 802.11f is used to support fast client roaming.

802.11g

An IEEE standard that defines transmission in the 2.4-GHz range and provides up to 54-Mbps bandwidth; actual throughput will always be lower than this. The increase in bandwidth over 802.11b (which uses the same frequency range) is achieved by using OFDM (Orthogonal Frequency Division Multiplexing). OFDM allows for more efficient data encoding, which therefore increases available bandwidth. 802.11g is a relatively new standard that is also backward compatible with 802.11b; this feature has dramatically increased its adoption rate within the industry.

802.11h

An IEEE standard that defines two additions to the MAC and PHY layers of 802.11a, allowing the 5-GHz standard to be used in Europe. The enhancements are Dynamic Frequency Selection (DFS) and Transmission Power Control. Both provide more control over the 5-GHz signal, as required by European regulations (CEPT Recommendation ERC 99/23).

802.11i

An IEEE standard that provides for greatly enhanced security. 802.11i provides for dramatically improved data encryption through the use of Advanced Encryption Standard (AES) instead of the older Wired Equivalent Privacy (WEP). It also specifies Temporal Key Integrity Protocol (TKIP), an additional method of increasing data integrity. The additional protocols required by 802.11i (AES and TKIP) provide enhanced protection against replay attacks, greatly increased encryption, data integrity checks, and so on.

802.11j

An IEEE standard that specifies extensions for the Japanese market and regulatory requirements.

802.11k

A proposed IEEE standard for radio resource management. 802.11k will improve roaming decisions by sharing information between the access point and the client.

802.11l

There is no 802.11l standard. It was deliberately skipped because the letter L was deemed typographically unsound; it could easily be misread.

802.11m

An IEEE specification that deals with maintenance and administrative issues concerning the other 802.11 standards. It is often referred to as “802.11 housekeeping.”

802.11n

A proposed IEEE standard for high-throughput WLANs (with theoretical speeds of over 500 Mbps, although speeds in the range of 100 to 200 Mbps are more likely). 802.11n will provide these much greater speeds through a combination of MIMO (multiple-input multiple-output) and OFDM. MIMO uses multiple transmitter and receiver antennas to provide increased data throughput.

802.11o

A proposed IEEE standard for fast re-authentication. This feature will assist wireless voice services especially, because fast re-authentication improves voice quality when moving from access point to access point while using a WiFi phone.

802.11p

A proposed IEEE standard for using wireless in moving vehicles. 802.11p is also known as WAVE (Wireless Access for the Vehicular Environment) and is planned to interoperate with the DSRC (Dedicated Short Range Communications) industry forum.

802.11q

A proposed IEEE standard for wireless VLAN management. This proposal would allow for standards-based support for multiple VLANs per access point.

802.11r

A proposed IEEE standard for fast roaming. Like fast re-authentication (addressed in the 802.11o proposal), fast roaming is especially important for wireless voice applications and services.

802.11s

A proposed IEEE standard for mesh wireless networks. Mesh wireless networks are made up of many access points that communicate with each other via “wireless self-configuring multi-hop topologies.” Put simply, this means that the access points not only provide wireless connectivity to client devices, but also communicate with each other via RF, thereby avoiding the need to cable every access point. Mesh wireless networks are typically deployed in outdoor environments, where coverage is required in large areas and it may be difficult or costly to cable every device.

802.11t

A proposed IEEE standard for producing wireless performance metrics. This will be useful in promoting standardized reporting, trending analysis and statistics, and so on. This effort is also known as WPP (Wireless Performance Prediction).

802.11u

A proposed IEEE standard for interoperability between WLANs and other non-WiFi networks, such as cellular networks. This is also known as WIEN (Wireless Internetworking with External Networks).

802.11v

A proposed IEEE standard for wireless network management, including client device management. This would allow, for example, the access points to configure and manage certain aspects of client behavior.

802.11w

A proposed IEEE standard for introducing “management frame protection.” Management frames are transmissions that include important management information and are currently vulnerable to malicious interference. This standard would protect these frames, avoiding interference or attacks that could potentially cause network disruption.

802.11x

There is no 802.11x standard directly, as the letter X is sometimes used to denote a generic value. As such, 802.11x is sometimes used to refer to the entire range of 802.11 standards. Do not confuse this with 802.1X, a separate IEEE standard for port-based network access control. 802.1X is the basis for most enterprise class wireless network security.

802.11y

A proposed IEEE standard to introduce a predictable and “fair” method to share frequency bands or channels in WLANs. This effort is also known as CBP (Contention Based Protocol).

802.11z

There is currently no 802.11z standard.

802.15

The IEEE standard for 2.4-GHz personal-area networks (PAN). 802.15 is better known as Bluetooth. See also Bluetooth.

802.16

The IEEE standard on broadband wireless wide-area networks (WANs). 802.16 works in the 10- to 66-GHz frequency ranges.

A

AAA

Authentication, authorization, accounting. This term is used to describe a generic system or solution that ensures that only authenticated users or devices gain access to the network in a recorded and auditable manner. This framework is usually provided by a AAA server. Examples include Microsoft Active Directory servers, RADIUS servers, and Cisco Access Control Servers. The user or device must supply a set of credentials to the AAA server, which, upon validation, approves access to the network and records the transaction. Some AAA services also monitor and record user activity and what services are accessed.

access layer switch

Access layer switches are the wired devices that provide connectivity to your wired network. Access points are usually connected to access layer switches. Also known as network edge switches.

access point

See AP.

ACL

Access control list. A managed list that defines network traffic controls by protocol, port, address, or time. The ACL defines the traffic that is permitted and the traffic that is denied.

ad-hoc network

In WLAN terms, an ad-hoc network is one in which two or more WLAN clients communicate with each other directly, without the use of an access point (AP). Ad-hoc networks are usually used by small, home, or SOHO networks on a peer-to-peer basis without a central communication hub.

AES

Advanced Encryption Standard, based upon a symmetric encryption algorithm. AES provides significantly more security than WEP and forms part of the 802.11i standard. It is also a Federal Information Processing Standards (FIPS)-approved algorithm. The AES, documented in FIPS Publication 197, specifies a symmetric encryption algorithm for use by organizations to protect sensitive information. See also 802.11i; CCMP.

amplitude

The strength of a radio signal.

AP

Usually a hardware device that acts as a communication hub for wireless clients, linking 802.11 stations to a wired backbone network. Each access point effectively creates a radio cell through which all traffic must pass. Access points are often abbreviated to AP in industry literature.

association

The relationship established between wireless clients and access points. Association denotes a MAC layer connection between the client and the AP.

attenuation

The loss of signal strength when radiated due to environmental factors, such as walls, furniture, building material, and so on. Attenuation is also caused by long lengths of transmission cable.

authentication server

Another term for a AAA server. See also AAA.

authenticator

A device that authenticates a client. In EAP-based wireless networks, the access point usually acts as an authenticator by passing the request upstream to a AAA server for validation. Upon successful validation of the user’s or device’s credentials, the authenticator permits it access to the network.

B

band

A set of adjacent frequencies lying within a definite range.

Bluetooth

A short-range wireless cable replacement technology. Bluetooth is the brand name for the IEEE 802.15 personal-area network standard. Bluetooth also uses the 2.4-GHz frequency range.

BSS

Basic Service Set. A MAC layer grouping of wireless devices that communicate with each other. A BSS is a single radio cell formed by a single base station or access point.

C

CA

Certificate authority. Network software that issues and manages security credentials and public keys for authentication and message encryption. As part of a public key infrastructure (PKI), which enables secure exchanges of information over a network, a certificate authority checks with a registration authority (RA) to verify information provided by the requestor of a digital certificate. If the registration authority verifies the requestor’s information, the certificate authority can issue a certificate. Based on the PKI implementation, the certificate content can include the certificate’s expiration date, the owner’s public key, the owner’s name, and other information about the public key owner. See also RA.

CCMP

Counter-Mode Cipher Block Chaining Message Authentication Code Protocol. CCMP is the AES-based encryption protocol defined in 802.11i. CCMP is a symmetric key block cipher mode encryption protocol.

certificate

A generic term used to describe a digital signature of a device. Certificates are used to generate keys used in a PKI (public key infrastructure) environment.

certificate authority

See CA.

channel

A frequency band in which a specific broadcast signal is transmitted.

CHAP

Challenge Handshake Authentication Protocol. An authentication scheme that uses a three-way handshake (challenge, response, verify) to authenticate the identity of the peer. CHAP is defined in RFC 1334. The client responds to the server’s challenge message, which in turn verifies the response by comparing it to the expected value. If it is successfully verified, the client is authenticated.

CLI

Command-line interface. The command-line interface is a nongraphical method of managing a network device, such as an access point. IOS is an example of a CLI-based solution. Note that many CLI interfaces also provide more user-friendly graphical user interfaces (GUI). Also known as “command line” and “command prompt.”

client

In a WLAN, a client is any device with a radio interface that does not act as a pass-through or relay.

collision

The result of two or more stations attempting to transmit a packet across the network at the same time, when the network uses a shared medium. Because wireless networks use a shared medium or single segment per access point, collisions can occur quite regularly. WLANs use a technique called CSMA/CA to reduce such collisions because they can result in packet loss and can negatively impact the performance of the network.

command-line interface

See CLI.

CRC

Cyclic redundancy check. A simple method of checking message integrity.

CRL

Certificate Revocation List. A list of certificates that have been revoked by the certificate authority (CA). A CRL is analogous to a “blacklist” of certificates that are no longer permitted or accepted.

cryptography

The ISO defines cryptography as “[the] discipline which embodies principles, means, and methods for the transformation of data in order to hide its information content, prevent its undetected modification, and/or prevent its unauthorized use.” [ISO 7498-2: 1989]

CSMA/CA

Carrier sense multiple access with collision avoidance. The mechanism used by WLANs to reduce and detect packet collisions within cells. If a collision is detected, the station retransmits later based upon an exponential random back-off algorithm.

D

dBi

Decibels isotropic. A relative gain measurement with respect to an isotropic radiator in free space (uniform emitter in free space, a theoretical situation). It usually describes gain for antennas operating at 1 GHz or above.

dBm

Decibels milliwatt. Decibels referred to a reference level of 1 milliwatt (mW). dBm is a measure of power in communications: the decibel in reference to one milliwatt.

decibels

A measurement method used to simplify the expression and calculation of wireless power levels. It is also the unit used for measuring antenna gain. Decibels are abbreviated as dB, and you may also see dBm and dBi.

demilitarized zone

See DMZ.

DES

Data Encryption Standard. DES is a well-established symmetric key encryption algorithm standardized by ANSI in 1981 as ANSI X.3.92. It was originally defined by the National Institute of Standards and Technology.

DHCP

Dynamic Host Configuration Protocol. A standard network protocol that dynamically assigns IP addresses, and other settings, to clients, usually from a centralized DHCP server.

Direct-Sequence Spread-Spectrum

See DSSS.

DMZ

Demilitarized zone. Takes its name from the neutral ground between two opposing parties. A DMZ separates trusted and untrusted networks.

DNS

Domain Name System. The method by which Internet domain names are validated and translated into IP addresses. The scheme uses a distributed set of DNS servers. Enterprises can also create and operate their own DNS servers within their own networks.

DSSS

Direct-Sequence Spread-Spectrum. DSSS generates spread-spectrum transmissions, which are transmitted concurrently—that is, over two or more frequencies. This technique increases the signal’s resistance to interference. DSSS is one of two types of spread-spectrum radio technology used in WLAN transmissions, the other being FHSS.

Dynamic Host Configuration Protocol

See DHCP.

E

EAP

Extensible Authentication Protocol. EAP is a general protocol for authentication that also supports multiple authentication methods, such as token cards, Kerberos, one-time passwords, certificates, public key authentication, and smart cards.

EAPoL

EAP over LAN. A message structure for sending EAP packets in an 802.1x framework.

EAP-FAST

Extensible Authentication Protocol-Flexible Authentication via Secure Tunneling. An EAP mechanism proposed by Cisco Systems that provides robust and secure authentication through the use of encrypted tunnels. Unlike PEAP or EAP-TLS, EAP-FAST does not require certificates on clients or servers.

EAP-TLS

Extensible Authentication Protocol with Transport Layer Security. EAP-TLS is one of the many EAP mechanisms for 802.1x-based authentication. It uses certificates to ensure mutual authentication between the client device and the authenticator and AAA servers.

EAP-TTLS

Extensible Authentication Protocol with Tunneled Transport Layer Security. EAP-TTLS is a proprietary EAP mechanism developed by Funk Software, Inc. (prior to their acquisition by Juniper Networks) and Certicom for 802.1x authentication. TTLS uses a combination of certificates and password challenge and response for authentication and encrypts the entire EAP session in a TLS tunnel.

encryption

Encryption is the process of changing data into a form that can be read, or decrypted, only by the intended receiver. Encryption uses a “key” to scramble the data. This can be shared via a public key infrastructure (PKI) system, or both ends of the transmission can use pre-shared keys.

ESS

Extended Service Set. Multiple basic service sets (BSS) linked by a backbone network to form a single subnetwork.

ETSI

European Telecommunications Standards Institute. The primary telecommunication standards organization in Europe.

EWC

Enhanced Wireless Consortium. An industry consortium of leading wireless industry members formed to accelerate the ratification and adoption of the upcoming 802.11n standard and to ensure interoperability between member-developed products.

F

Faraday Cage

An electrical apparatus designed to prevent the passage of electromagnetic waves, either containing them in or excluding them from its interior space. It is named for physicist Michael Faraday, who built the first one in 1836. Also known as a “screen room” or “FCC cage.”

fast handoff

See fast roaming.

fast roaming

A generic term used in the WLAN industry to denote various proprietary mechanisms to decrease the amount of time taken for clients to roam from wireless cell to cell. Fast roaming is especially important for wireless voice services because even very minor delays or service interruptions, often overlooked in data applications, can have an adverse effect on voice traffic.

FCC

Federal Communications Commission. The U.S. regulatory body for telecommunications, including wireless LANs.

Federal Information Processing Standard (FIPS) 140-2

FIPS 140 are the current, highly secure, encryption standards required by the U.S. federal government for use within government agencies. FIPS 140 mandates the use of Advanced Encryption Standard, implemented in 802.11i (the newest wireless security standard) for use with government data.

FHSS

Frequency-Hopping Spread-Spectrum. One of two types of spread-spectrum radio technology used in WLAN transmissions. FHSS modulates the data by hopping from frequency to frequency in the same band in a predetermined manner.

G

greenfield deployment

A deployment in an environment where no network has previously been in place. Named greenfield in reference to the fact that most “new” buildings and solutions were supposed to have been built in green fields.

H

hash

A one-way algorithm from which it is very difficult, if not impossible, to derive the original input. Hashing is an encryption technique that is used to generate WEP keys and TKIP rehashed keys. Hashes are also used to validate message integrity and to establish the identity of a sender.

HiperLAN

High-performance radio local-area network. A competing technology to 802.11a, which works in the same 5-GHz ISM band. Developed in Europe by the European Telecommunications Standards Institute (ETSI), HiperLAN has not seen widespread use.

hotspot

A publicly accessible WLAN network. Wireless hotspots are often provided free, either as public amenities or for a small fee in cafes, coffee shops, malls, and so on. With the increasing popularity of WLANs and wireless devices, the number of public hotspots is also rising rapidly.

I

IAPP

InterAP Protocol. A protocol being developed to support interoperability, mobility, handover, and coordination among APs in a WLAN. IAPP enables APs to communicate with one another.

IEEE

Institute of Electrical and Electronic Engineers. An international organization of professionals whose activities include the development of communication and network standards. IEEE LAN standards are the predominant LAN standards today; this includes the wireless LAN standards.

IETF

The Internet Engineering Task Force (IETF) is an international organization dedicated to the development of the Internet through technical recommendations and specifications. It is not responsible for the establishment of standards, but it is the principal body for the development of specifications, many of which are later adopted as standards.

infrastructure network

Refers to an 802.11 framework in which communication takes place via an access point. In infrastructure mode, wireless devices use the AP to communicate with each other and with devices on a wired network. Most corporate WLANs operate in infrastructure mode to access the wired LAN.

initialization vector

See IV.

Institute of Electrical and Electronic Engineers

See IEEE.

interference

In wireless terms, the RF effects that occur when other signals, usually in the same frequency range, inhibit or negatively affect the reception of the originally desired signal.

Internet Engineering Task Force

See IETF.

IPsec

IP Security. IPsec is a security protocol defined by the Internet Engineering Task Force (IETF) that provides authentication and encryption over the Internet. IPsec is generally used to create VPNs.

ISO

International Organization for Standardization. An international organization of national standards bodies from many countries.

IV

Initialization vector. In encryption, random data used to make a message unique. The IV is usually a block of bits that is used to “scramble” the data you want to encrypt. WEP uses a 24-bit IV value.

K

key

A value that must be fed into the algorithm used to decode an encrypted message to reproduce the original plain text. Some encryption schemes use the same (secret) key to encrypt and decrypt a message, but public key encryption uses a “private” (secret) key and a “public” key that is known by all parties.

key management

The process of managing the creation and distribution of keys in an encryption framework. This was a major problem with early deployments of static WEP-based wireless LANs because every access point and client had to have the keys manually configured. Newer EAP mechanisms introduce key management functionality.

L

LBS

Location-based services. A term used to describe the ability of products to detect and (usually graphically) display the location of devices on a wireless network. LBS is often used to track expensive assets by fixing “asset tags” (small battery-operated 802.11-based transmitters). These devices transmit their location to nearby access points, which in turn send this information to the location server or management tool. RFID is a form of location-based services.

loss

The reduction of an RF signal due to distance, obstructions, or attenuation.

LWAPP

Lightweight Access Point Protocol. A protocol used to control so-called “lightweight” access points and to split the management and control functions between the AP and a separate WLAN controller. This greatly reduces the complexity of configuring and managing WLANs because each access point does not need to be managed and configured manually; the WLAN controller takes over this function.

M

MAC address

Media Access Control address. A 6-byte hexadecimal address that a manufacturer assigns to the Ethernet controller for a port. Effectively, every Ethernet device has a unique MAC address that is used by higher-layer protocols.

MD5

Message-Digest Algorithm 5. A 128-bit one-way hashing algorithm used in many authentication algorithms. It is now generally considered unsuitable for strong encryption.

Megahertz

A measure of electromagnetic wave frequency equal to one million (1,000,000) hertz, often abbreviated as MHz.

MIC

Message Integrity Check. A method to check the integrity of wireless packets to ensure that they have not been intercepted and modified. Forms part of WPA.

MS-CHAP

Microsoft Challenge Handshake Authentication Protocol. Microsoft’s extension to CHAP. MS-CHAP is a mutual authentication protocol that also permits a single login in a Microsoft network environment.

mW

Milliwatt. A unit of power equal to one thousandth of a watt. WLANs measure power in mW.

O

OFDM

Orthogonal Frequency Division Multiplexing. OFDM encodes traffic by splitting and spreading it into several smaller frequency bands transmitted concurrently. This method provides more effective bandwidth and is less susceptible to interference. OFDM is used in 802.11a and 802.11g WLAN specifications to produce higher bandwidth levels.

P

PEAP

Protected Extensible Authentication Protocol. PEAP is an EAP mechanism that authenticates wireless LAN clients using only server-side digital certificates. An encrypted SSL/TLS tunnel between the client and the authentication server is created and used to protect the subsequent user authentication exchange.

PKI

Public key infrastructure. A system or framework where digital certificates, certificate authorities, and other registration authorities verify and authenticate the validity of each party involved in a network transaction. PKI uses public and shared keys to encrypt and decrypt data.

Plenum

The interstitial space between the raised floor and lowered ceiling, where most air ducts are situated.

PoE

Power over Ethernet. A technique used to deliver direct current (DC) power over twisted-pair cables to Ethernet devices. This approach obviates the need for these devices to be connected directly to a mains power-supply socket. The IEEE standard for PoE is called 802.3af.

PSK

Pre-shared key. The IEEE 802.11 term for a shared secret, also known as a shared key. Pre-shared keys form an important part of WPA when used in WPA-PSK mode. This allows a small or SOHO wireless network to use the enhancements of WPA without using an EAP server. Pre-shared keys play a fundamental part in many encryption frameworks.

Q

QoS

Quality of service. A networking technology that seeks to measure, improve, and guarantee transmission rates, error rates, and other performance characteristics based on priorities, policies, and reservation criteria arranged in advance. Some protocols allow packets or streams to include QoS requirements.

R

RA

Registration authority. An optional PKI entity that has responsibility for recording or verifying some or all the information contained in a certificate request. It effectively validates information relating to the people, or groups of people, who request a certificate.

radio

A generic term used throughout this book to refer to any radio-based interface (transmitter/receiver) that provides network access via the 2.4- and 5-GHz frequency ranges.

RADIUS

Remote Authentication Dial-In User Service. A client/server-based authentication and accounting system. RADIUS was originally developed as a AAA framework for dial-up users, but it is now widely used for broadband and enterprise networking.

RF

Radio frequency. The rate at which the radio waves oscillate. Higher-frequency rates indicate more rapid oscillations. 802.11b and 802.11g utilize the 2.4-GHz frequency range, whereas 802.11a utilizes the 5-GHz range.

roaming

A client process that maintains network access when moving between Layer 2 and Layer 3 networks. For example, on a WLAN with multiple access points, a client “roams” when it moves through the building, associating with different access points as it changes position. This occurs as the client device associates with the nearest access point (or the one with the greatest signal). While moving about, the signal strength changes. This in turn triggers an event causing the client to search for and, if possible, associate with an access point with a higher signal strength. Effectively, the client has “jumped” from access point to access point. This event is known as Layer 2 roaming.

rogue AP

Any access point physically connected to, or interfering with, your enterprise network that was not installed, managed, or approved by your enterprise IT department. Rogue APs are a serious security threat because they are often misconfigured (or have no security enabled at all). This is effectively providing hackers with an open “back door” into your network. 99 percent of rogue APs are non-malicious; that is, they are simply installed by your users in good faith but without proper knowledge or familiarity with your wireless networking policies.

ROI

Return on investment. The amount of time required for a product, system, or service to pay for itself as a direct result of operating efficiencies or productivity improvements that it provides.

RSN

Robust Security Network. A new concept introduced by 802.11i that requires the use of dynamic negotiation of authentication and encryption algorithms between access points and mobile devices. RSN will allow the WLAN to evolve with emerging standards, which can be negotiated between the clients and infrastructure as they are introduced.

S

Secure Shell protocol (SSH)

A Telnet-like protocol that establishes an encrypted session.

session

The series of communication transactions between a client device and specific station in a wireless network.

shared secret

A shared secret is a string of text or numbers that is communicated between two parties in an out-of-band connection. Also known as a shared key or pre-shared key (PSK), a shared secret is used as input to a one-way hash algorithm.

SIP

Session Initialization Protocol. A signaling protocol that establishes real-time calls and conferences over IP networks.

spectrum

Electromagnetic radiation arranged in order of wavelength, with certain radio bands reserved for specific services (for example, police, fire, WLAN, and so on).

SSH

Secure Shell protocol. A Telnet-like protocol that establishes an encrypted session.

SSID

Service set identifier. The unique name shared among all computers and other devices in a wireless LAN (WLAN). SSIDs can be thought of as the “network name,” and they are commonly used by network users to recognize specific wireless LANs. In enterprise WLANs, the same SSID is usually shared among all access points. This allows a client device to recognize the WLAN as the same logical network as it roams from AP to AP. A common SSID (or “network name”) is used across all access points.

Furthermore, access points can support more than one SSID. This would allow an enterprise WLAN, for example, to have two or three different SSIDs, with different security settings, available on the same access points. Common examples would be for a WLAN to have different SSIDs for laptop users, wireless phone users, and maybe even guest users.

STA

Station. Any device that has a wireless network interface. All wireless clients and access points can be considered stations.

Station

See STA.

Supplicant

A client role in the 802.1x framework. This is basically the client device (or user) that wants to be authenticated for access to the network. Supplicant is a term used to describe the device that is attempting to access the network in an authentication event.

T

TCO

Total cost of ownership. The complete costs of owning a product, system, or service. Total cost of ownership will include the capital acquisition cost, installation, maintenance, training, technical support, and labor to make required changes to related products, systems, or services. Most estimates place the TCO at about three to four times the capital acquisition price for the product, system, or service.

TKIP

Temporal Key Integrity Protocol. TKIP is an encryption protocol that adds a function whereby each packet is rehashed as part of the Message Integrity Check (MIC). A hashing function is used to provide a new key for each packet, thereby greatly increasing the security when compared to the static keys offered by WEP. TKIP utilizes the RC4 stream cipher with 128-bit keys for encryption and 64-bit keys for authentication. TKIP is a fundamental part of WPA, WPA2, and 802.11i.

Total cost of ownership

See TCO.

U

UNII

Unlicensed National Information Infrastructure. The Unlicensed National Information Infrastructure (UNII) bands have three groupings, with different frequency ranges, maximum transmit power, and permitted transmission areas.

Band      Frequency          Area
UNII-1    5.15–5.25 GHz      Outdoor use only
UNII-2    5.25–5.35 GHz      Indoor and outdoor use
UNII-3    5.725–7.825 GHz    Indoor and outdoor use

user

In the context of this book, a person who uses a wireless client.

V

VLAN

Virtual LAN. A MAC layer network segmentation that logically binds devices to the same LAN, regardless of their physical location.

VoIP

Voice over IP. A networking standard that allows voice telephony services over IP connections.

VPN

Virtual private network. The use of encryption protocols in the lower protocol layers to provide a secure connection through an otherwise insecure network, typically the Internet. VPNs are also referred to as secure tunnels.

W

war driving

The act of collecting data on unsecured or poorly secured WLANs while driving. Depending on the mode of transportation, this can also be known as war walking, war flying, and so on. The intent of war driving is to identify potential security weaknesses and make public the information or access the network for hacking or “free” Internet services.

war walking

Conceptually identical to war driving, but carried out on foot.

WECA

Wireless Ethernet Compatibility Alliance. The former name of the Wi-Fi Alliance.

WEP

Wired Equivalent Privacy (WEP) protocol. An encryption standard that defines mechanisms for data transmitted in WLANs. WEP is based on an RC4 algorithm and originally used 40-bit keys but was later enhanced to support 128-bit keys. Subsequently, proprietary 256-bit implementations were introduced by many equipment manufacturers.

Wi-Fi

Wireless Fidelity. Wi-Fi is a brand name created by the Wi-Fi Alliance (formerly WECA – Wireless Ethernet Compatibility Alliance) to describe interoperable and standards-based 802.11 wireless networks and to promote the use and public adoption of wireless networks. WLAN products that are Wi-Fi certified are interoperable and compliant with the latest standards set down by the Wi-Fi Alliance. The Wi-Fi Alliance has instituted a test suite that defines how member products are tested to certify that they are interoperable with other Wi-Fi certified products. These tests are conducted at an independent laboratory.

Wi-Fi Alliance

The Wi-Fi Alliance is a global, cross-industry organization created in 1999 to promote interoperability, certify products as compliant with the latest standards, and ensure independent testing. Note that the Wi-Fi Alliance does not define standards but simply adopts them as part of the Wi-Fi certification.

Wi-Max

Worldwide Interoperability for Microwave Access. Wi-Max is an 802.16 standards-based technology to provide broadband wireless “last mile” connectivity. As a wide-area technology, Wi-Max (and all 802.16 standards) lies outside the scope of this book.

WLAN

Wireless LAN. A wireless network where clients and access points communicate, most commonly using standard IEEE-defined communication protocols, such as 802.11a, 802.11b, or 802.11g.

WPA

Wi-Fi Protected Access. WPA is a standards-based, interoperable security enhancement that provides significantly improved levels of data protection and access control for WLAN systems, compared to WEP. WPA introduces several new enhancements, including TKIP, MIC, and Key Management.

WPA2

Wi-Fi Protected Access 2. WPA2 is the Wi-Fi Alliance’s marketing term for 802.11i. As such, its capabilities are the same. See also 802.11i.
