Home Products Tsunami-Feature-Ultra Secure

Why We Say
Ultra Secure

Security and Encryption

All Proxim’s Tsunami outdoor radios support the following enhanced security features that enable you to prevent unauthorized access or damage to the wireless network.
WEP
Wired equivalent privacy provides confidentiality for network traffic by encrypting the data portion of each packet exchanged in the 802.11 network by using an encryption key. When encryption is initiated, the two devices must have the same encryption keys and both devices must be configured to use the WEP encryption, in order to communicate.
TKIP and RC4
The temporal key integrity protocol uses RC4 encryption such as WEP however the weakness of WEP is addressed by implementing a stronger integrity checking algorithm and also a true 128-bit static key unlike in WEP.
CCMP & AES
Counter mode with cipher block chaining –uses AES instead of the RC4. The AES -128 or Advanced Encryption Standard, is a secure 128 bit key standard, which simply means that it would take 2 128 operations turns to decipher the message for an unauthorized user which is widely known to be out of reach even for the contemporary computing techniques.
FIPS 140-2 level 2
The Tsunami™ MP.11 HS 4454 is an ultrasecure FIPS 140-2 level 2 certified PtMP solutions for Federal, DoD and NATO applications. It integrates hardware based AES-256 bit encryption and secure mgmt features into one single solution.
MAC Access Control
This feature on Proxim’s devices allows administrators to provide access to authorized users by their MAC addresses. This involves configuring the specific radio with the MAC addresses of the clients, it would be serving.

Secure Management

It is not uncommon for attackers and unauthorized users to exploit management interfaces in order to penetrate into ones network. Proxim ensures complete security over all its management interface types by encrypting them with secure 128 bit key encryption standards between the management device and the radio.
SNMP v3
Unlike the older versions of Simple network management protocol versions (SNMPv1 and SNMPv2) that supports only simple passwords sent in clear text to provide authentication. SNMPv3 provides secure access to radios by authenticating using extra security parameters and encrypting data packets. Leveraging the strengths of SNMPv3, Proxim network management software PVES provides the following features:
  • Authentication- To verify the identity of the associating clients.
  • Encryption- To turn the original message in a form that can be deciphered by using only when you have a key that is received when a device passes through the authentication process.
  • Message integrity—ensuring that the message sent is the same when received in other words that the message has not been tampered while transmitting.
Web (HTTP/HTTPS) Interface
The HTTP interface provides an easy access to configuration settings and network statistics from any computer on the network. Proxim ensures complete security between the device and the HTTP client with the latest SSL standards that are implemented at both server and the client-side. A secure socket layer essentially allows users to access radios via a secure tunnel that is encrypted with a 128-bit key.
Telnet/Secure Shell (SSH)
Proxim’s devices support the latest SSH version that allows users to securely access Proxim’s radios via CLI or telnet. SSH not only provides strong encryption of data but also ensures secure communications between the client devices and the telnet server with strong authentication systems. The SSH server hosts a pair of asymmetric keys (a private key that resides on the device) and a public key that is distributed to radios. In order to communicate, the radios need to be first verified with the SSH server.

Radius Based Security

RADIUS based security features
By definition, Remote Authentication Dial In User Service (RADIUS) is a protocol that provides Authentication, Authorization, and Accounting (AAA) management for client stations (laptops, tablets, computers, mobile phones etc) to connect to a network.

Authentication: To verify the identity of the associating clients.
Authorization: To provide specific resources dependent on the client’s permission/access levels.
Accounting: Track and record the client stations activity and data usage.
802.1x Authentication using RADIUS: provides an authentication framework for wireless networks, allowing a user/subscriber unit to be authenticated by a central authority server. 802.1X use the extensible authentication protocol that is also used for other wired and wireless LANS for message exchange during authentication process.
In a wireless network with 802.1X, a supplicant (user/subscriber unit/end point device in a PtP Link) requests access to an authenticator (base station unit/end point device in a PtP Link/access point). The authenticator forces the supplicant in unauthorized state that allows the supplicant to send only an EAP start message .The authenticator returns an EAP message requesting the supplicant’s identity .The supplicant returns the identity which is forwarded by the authenticator to the authentication server (RADIUS server/authentication server), which uses an algorithm to authenticate the supplicant and then returns an accept or reject message back to the authenticator. In the event the server accepts the requests, the authenticator changes the supplicant’s state to authorized.
Point-to-Multipoint
Point-to-Point / Wireless Backhaul
Enterprise WLAN
Wireless Network Management
Solutions
Partners
Knowledge Center
Technology
Support
About Proxim
Try/Buy
Copyright © 2009 - 2013 Proxim Wireless Corporation. All rights reserved.
Reproduction of material from any Proxim pages without written permission is strictly prohibited.