Export (0) Print
Expand All
Expand Minimize

How to Configure Windows XP SP2 Network Protection Technologies on a Single Computer

Published: December 10, 2004

On This Page

Introduction
Before You Begin
Using Windows Security Center
Configuring Internet Explorer
Configuring Outlook Express
Configuring Wireless Network Security
Related Information

Introduction

A computer that is connected to the Internet might be vulnerable to an attack. An attack is a deliberate attempt to bypass the security of a computer or deprive you of the use of the computer.

In Microsoft Windows XP Service Pack 2 (SP2), Microsoft delivers several technologies that help protect your computer. These technologies do not replace periodic security updates. They help strengthen the overall defenses of Windows XP against malicious attacks. The Windows Security Center serves as a place to start for items related to security and security-related Web links.

Windows Firewall is included in Windows XP SP2 and helps to protect your computer by attempting to block unsolicited connections. Unsolicited connections are those that are not made in response to a request from your computer. Programs on your computer, such as Internet Explorer or Outlook Express, still operate successfully because Windows Firewall allows these solicited connections from your computer.  

The default settings for Windows XP SP2 help to secure your computer. If the default settings do not meet your security needs you can use the guidance in this document to configure alternative settings. These allow you to use your computer efficiently while still helping to reduce the risk from malicious attacks.

To configure the network protection technologies, you must perform the following tasks:

  • Use Windows Security Center to configure Automatic Updates, Windows Firewall settings, and to determine antivirus protection status

  • Configure Microsoft Internet Explorer

  • Configure Microsoft Outlook Express

  • Configure Wireless Networking Security

IMPORTANT:  The instructions in this document were developed with the Start menu that appears by default when you install your operating system. If you have modified your Start menu, the steps might differ slightly.

For definitions of security-related terms, see the following:

Before You Begin

This document helps you set up the network protection features of Windows XP Professional SP2 and Windows XP Home Edition SP2 on a single computer.

Using Windows Security Center

The Security Center service runs as a background process and checks the state of the following security essentials on the user’s computer:

  • Firewall. Security Center checks whether Windows Firewall is on or off. Security Center can also check for the presence of some third-party firewalls.

    Note: For more information on software firewall manufacturers, see the following:

  • Automatic Updates. Security Center checks to ensure that Automatic Updates is set to the recommended setting, which automatically downloads and installs critical updates to the user’s computer. If Automatic Updates is turned off or is not set to the recommended settings, Security Center provides appropriate recommendations.

  • Virus Protection. Security Center checks for the presence of antivirus software using queries for specific Windows Management Instrumentation (WMI) providers that are made available by participating vendors. If the information is available, the Security Center service reports on whether the software is up-to-date and whether real-time scanning is turned on.

    Note: For more information regarding Microsoft Antivirus partners, see the following:

If a security essential is found to be in a non-secure or undetectable state Security Center places a red shield in the notification area of your computer's taskbar and also provides an Alert message when you logon. This message links to Security Center which displays a message about the problem and provides recommendations about how to fix it.

If you use an antivirus or firewall program that you monitor yourself, you can change the way that Security Center alerts you for that program.

The procedures that you perform when using the Security Center are:

  • Change the Security Center Alerts

  • Configure Windows Firewall

  • Configure Automatic Updates

Requirements to perform this task

  • Credentials: You must log on as a member of the local Administrators security group.

Changing Security Center Alerts

You are not required to use an antivirus or firewall software program that is compliant with Security Center. If you use software that is not detectable, you must configure Security Center options that let you monitor your security status on your own and you will not receive messages that prompt you to change your configuration.

To change Security Center alerts

  1. Click Start, and then click Control Panel.

  2. On the Pick a category page, click SecurityCenter.

    Cc875822.protsi01(en-us,TechNet.10).gif

    Figure 1   SecurityCenter
  3. Under Resources, click Change the way SecurityCenter alerts me.

    protsi02.gif

    Figure 2   Alert Settings
  4. Clear the alert settings to meet your requirements.

  5. Click OK.

Configuring Windows Firewall

The default settings for Windows Firewall meet the needs of most users. The default settings and when you might change them are defined in table 1.

Table 1   Default Windows Firewall settings

Option

Default Configuration

Modify when

Network connection settings

All connections

You no longer require the protection of Windows Firewall on a specific connection, or you require settings per-connection.

Program exceptions

Remote Assistance only

You require connections from other programs or services to your computer.

Port exceptions

None

You require connections from other computers programs that use specific ports on your computer.

ICMP exceptions

None

You require other computers to verify that your computer exists and that TCP/IP is configured correctly.

Notifications

On

You no longer wish to be notified when other computers try to connect to your computer but fail to connect.

Logging

Off

You require a record of connections or connection attempts made to your computer.

Don't Allow Exceptions

Off

You become aware of a security vulnerability of your computer for which you have not applied the patch. After you have applied the patch, return this setting to Off.

Note:  Although this document explains how to modify the default settings, if you do so you might increase the vulnerability of your computer to attack.

If you add any of the exceptions options listed in table1, for each exception you can define a scope. A scope is an optional configuration that allows you to specify which computers can use the excepted program on your computer. For home and small office networks, Microsoft recommends that you configure the scope to the local network, where you can do this. If you configure the scope to the local network, computers on the same network subnet can connect to the program on the computer. However, traffic that originates from a remote computer is not allowed.

To modify the default Windows Firewall settings perform the following procedures on your computer:

  • Enable Windows Firewall on a per-network connection basis

  • Configure program exceptions

  • Configure port exceptions

  • Configure ICMP exceptions

  • Disable notifications

  • Setup firewall log settings

  • Use Don't allow exceptions

Important: If you modify any of the above settings, except Don't allow exceptions, you increase the vulnerability of your computer to attack.

To enable Windows Firewall on a per-network connection basis

  1. From SecurityCenter, under Manage security settings for, click Windows Firewall.

  2. In Windows Firewall, click the Advanced tab.

    Figure 3   Windows Firewall Advanced settings

    Figure 3   Windows Firewall Advanced settings
  3. On the Advanced tab, in the Network Connection Settings area, clear any connections that you do not require Windows Firewall to protect.

    Note: Windows Firewall is enabled by default for all network connections. If you are already using a third-party host firewall product (a locally installed software firewall) on a particular connection, then it is recommended that you disable Windows Firewall for only that connection.

  4. On the Advanced tab, in the Network Connection Settings area, click to highlight the particular connection that you wish to configure firewall settings that are different from the default, and then click Settings.

    Figure 4   Windows Firewall Advanced settings per-connection

    Figure 4   Windows Firewall Advanced settings per-connection
  5. Select or clear the particular service that you wish to enable or disable for this connection.

  6. If the service you wish to enable for this connection is not displayed, click Add.

    Figure 5   Service Settings for a particular network connection

    Figure 5   Service Settings for a particular network connection
  7. On the Service Settings page, type the details for the service that you wish to enable and then click OK.

  8. Click OK to close the Advanced Settings page.

To configure program exceptions

  1. In Windows Firewall click the Exceptions tab.

    Figure 6   Windows Firewall Exceptions

    Figure 6   Windows Firewall Exceptions
  2. In the Programs and Services area, select each service that you require to make a connection to your computer, and then click OK.

  3. If the Program or Service is not listed and you wish to enable a program to make a connection through Windows Firewall, click Add Program.

    Figure 7   Add a Program

    Figure 7   Add a Program
  4. In the Programs list, click the program that you need to pass through Windows Firewall.

    Note: If the program is not listed, click Browse and browse to the Program. Click the program and then click Open.

  5. Click Change scope.

    Note: Change scope is an optional configuration that allows you to specify which computers can use the excepted program on your computer. If you do not need to define a scope, you can skip to step 8.

    Figure 8   Change scope

    Figure 8   Change scope
  6. Click either:

    Any computer (including those on the Internet), to allow unsolicited access to your program, or

    My network (subnet) only, to allow computers on the same network subnet as your computer to access the program, or

    Custom list, to allow only the computers you specify in the custom list field to access the program

  7. Click OK.

  8. In the Add a Program box click OK.

  9. Click OK.

To configure port exceptions

  1. In Windows Firewall, click the Exceptions tab.

  2. In the Programs and Services area, click Add Port.

    Figure 9   Add a Port

    Figure 9   Add a Port
  3. In the Name field, type a name for the port you wish to add. In the Port number field, type the appropriate port number. Click the appropriate TCP or UDP button.

  4. Click Change scope.

    Note: Change scope is an optional configuration that allows you to specify which computers can use the excepted port on your computer. If you do not need to define a scope, you can skip to step 7.

  5. Click either:

    Any computer (including those on the Internet), to allow unsolicited access your computer through the port, or

    My network (subnet) only, to allow computers on the same network subnet as your computer to access your computer through the port, or

    Custom list, to allow only the computers you specify in the custom list field to access your computer through the port

  6. Click OK.

  7. In the Add a Port box, ensure your new port is added to the Programs and Services list, and then click OK.

  8. In the Add a Port box, click OK.

To configure ICMP exceptions

  1. In Windows Firewall on the Advanced tab, in the ICMP section, click Settings.

    Figure 10   ICMP Settings

    Figure 10   ICMP Settings
  2. Select the appropriate settings for ICMP exceptions, for example, if you wish to enable your computer to respond to the ping command, select Allow incoming echo request, and then click OK.         

    Note:  This is the default setting if the File and Printer Sharing exception is enabled.

    Note: For more information on ICMP traffic, see the following:

To disable notifications    

  • In Windows Firewall, on the Exceptions tab, clear Display a notification when Windows Firewall blocks a program, and then click OK.

To set up Windows Firewall log settings        

Note: For information on how to interpret the Windows Firewall log, see the following:

  1. In Windows Firewall, on the Advanced tab, in the Security Logging section, click Settings.

    Figure 11   Log Settings

    Figure 11   Log Settings
  2. On the Log Settings page, select Log dropped packets to record all the connection attempts rejected by your firewall and Log successful connections to record all the connection attempts allowed by your firewall.

  3. Type a path and name for your log (pfirewall.log is the default).

    Note: The location for your log file must be secured to prevent accidental or deliberate modification of the log.

  4. Configure a size limit to ensure that your log does not grow to an unmanageable size, and then click OK.

  5. Click OK to close Windows Firewall and apply the settings.

To use Don't allow exceptions  

Note: Use this setting when you need maximum protection for your computer, such as when you connect to a public network in a hotel or airport, or when a new vulnerability is discovered and either you have not had time to apply a patch your computer or a patch is unavailable.

  1. In SecurityCenter, under Manage security settings for, click Windows Firewall.

  2. On the General tab, select Don't allow exceptions.

    Figure 12   Windows Firewall Don't allow exceptions

    Figure 12   Windows Firewall Don't allow exceptions
  3. Click OK and then close the SecurityCenter.

Configuring Automatic Updates

The default settings for Automatic Updates will meet the needs of most users. In this state, Windows routinely checks the Windows Update Web site for high-priority updates that can help protect your computer from the latest vulnerabilities and other security threats. These updates can include security updates, critical updates, and service packs. Depending on the setting you choose, Windows automatically downloads and installs any high-priority updates that your computer needs, or notifies you as these updates become available.

Note: Automatic Updates will only automatically download system updates that are high-priority. Use Office Update for critical updates to Microsoft Office.

   To configure Automatic Updates

  1. Open SecurityCenter, then under Manage security settings for, click Automatic Updates.

    Figure 13   Automatic Updates

    Figure 13   Automatic Updates
  2. Click one of the following options that matches your desired configuration, and then click OK:

    • Automatic (recommended), then enter a download schedule.

    • Download updates for me, but let me choose when to install them.

    • Notify me but don't automatically download or install them.

    • Turn off Automatic Updates.

Verifying Security Center Settings Are Applied

Verifying Security Center Alerts Are Applied

To verify SecurityCenter Alerts are applied

  1. From the Windows XP SP2 desktop, click Start, click Control Panel.

  2. Under Pick a category, click SecurityCenter.

  3. Under Resources, click Change the way SecurityCenter alerts me.

  4. Verify that the desired alerts configuration is applied to your computer and then click OK to close Alert Settings.

Verifying Windows Firewall Settings Are Applied

To verify Windows Firewall settings are applied

  1. From SecurityCenter,under Manage security settings for, click Windows Firewall.

  2. Click the General, Exceptions, and Advanced tabs, and verify that the desired configuration is applied to Windows Firewall on your computer and then click OK to close Windows Firewall.

Verifying Automatic Updates Settings Are Applied

To verify Automatic Updates settings are applied

  1. From Security Center, under Manage security settings for, click Automatic Updates.

  2. Verify that the desired configuration is applied to Automatic Updates on your computer and then click OK to close Automatic Updates.

Configuring Internet Explorer

Internet Explorer security features help to prevent access to information that you have not given others permission to access, such as credit card information you enter when you shop on the Internet. Internet Explorer security features can also help to protect your computer from potentially unsafe software.

Security features in Internet Explorer include:

  • The ability to block pop-up windows. When you browse the Web unwanted pop-up windows do not automatically appear. Any pop-up windows that you click are not blocked and you can specify certain domains to allow their pop-up windows.

    Note: This setting might affect the functionality of some Web sites and Web applications

  • The ability to update, disable, or re-enable Web browser add-ons. Add-on Management allows users to view and control the list of add-ons that can be loaded by Internet Explorer. Users can enable and disable each add-on individually and view information about how often the add-ons have been used by Internet Explorer.

The Pop-up Blocker is enabled by default, but does not block pop-ups from Web sites that are in the Local intranet Web content zone, or sites that have been added to the Trusted sites Web content zone.

Note: For information on Web content zones, see the following:

If you have disabled the Pop-up Blocker, you can enable it by using one of three different methods:

  • Prompt at first occurrence. A dialog box appears before the first pop-up window appears that asks the customer to enable Pop-up Blocker.

  • Use the tools menu.

  • Use Internet Options from Control Panel.

If a site opens a pop-up window that is blocked by Internet Explorer, a notification appears in the status bar. If you click the notification in the status bar, you see a menu with the following options:

  • Show Blocked Pop-up Window. This option displays the pop-up window, this time unblocked.

  • Allow Pop-up Windows from This Site. This option adds the current site to an Allow list.

  • Block Pop-up Windows. This option toggles the Pop-up Blocker on and off.

  • Pop-up Windows Options. This option opens the Pop-up Windows Management window.

Microsoft research has shown that some add-ons are a major cause of stability issues in Internet Explorer. These add-ons can affect the reliability of Internet Explorer and can also pose a security risk, because they might contain malicious code.

For example, you might unintentionally install an add-on that secretly records all Web page activity and reports it to a central server. Previously, specialized software and deep technical knowledge might have been required to identify and remove that add-on.

Internet Explorer Add-on Management, together with Add-on Crash Detection, gives you the ability to identify and disable problematic add-ons.

Note: For more information on browser security, see the following:

To modify the default Internet Explorer settings, you must perform these procedures on your computer:

  • Change Pop-up blocking

  • Manage Add-ons

Requirements to perform this task

  • Credentials: You must log on to your computer.

    Note: You do not have to log on as a member of the Administrators security group to perform this task

To change pop-up blocking

  1. Click Start, point to All Programs, and then click Internet Explorer.

  2. In Internet Explorer, click Tools, point to Pop-up Blocker, and then click Pop-up Blocker Settings.

    Figure 14   Pop-up Blocker Settings

    Figure 14   Pop-up Blocker Settings
  3. In the Notifications and Filter Level area, choose the check boxes that will enable the way that you are notified when a Pop-up is blocked.

  4. Under Filter Level choose one from High, Medium and Low.

    High: Block all pop-ups, to block all pop-ups

    Medium: Block most automatic pop-ups, to block automatic pop-ups

    Low: Allow pop-ups from secure sites, to allow pop-ups from secure sites

  5. In the Exceptions area, type the address of the Web site that you wish to allow Pop-ups from and then click Add.

  6. Repeat step 5 for all the Web sites that you wish to allow Pop-ups from.

  7. Click Close and then close Internet Explorer.

To manage add-ons

Note: If Internet Explorer is already open, you can open Add-on Management by clicking Tools, clicking Internet Options, and then skipping to step 4 below.

  1. Click Start, and then click Control Panel.

  2. On the Pick a category page, click Network and Internet Connections.

  3. Under or Pick a Control Panel icon, click Internet Options.

    Figure 15   Internet Properties

    Figure 15   Internet Properties
  4. Click the Programs tab.

    Figure 16   Internet Properties – Programs

    Figure 16   Internet Properties – Programs

    Note: Figure 16 displays the default Internet programs list. The list on your computer might be different.

  5. Click Manage Add-ons.

    Cc875822.protsi17(en-us,TechNet.10).gif

    Figure 17   Manage Add-ons
  6. To list the add-ons you wish to manage, in the Show drop-down box, choose either:

    Add-ons currently loaded in Internet Explorer, or

    Add-ons that have been used by Internet Explorer.

    Note: Add-ons currently loaded in Internet Explorer is only available if any Add-ons are installed on your computer.

  7. When the list displays the Add-ons you wish to manage, click the Add-on you wish to disable. Under settings, click Disable and then click OK.

    Note: To enable an already disabled Add-on, select the add-on, and then click Enable.

    Figure 18   Add-on Status Box

    Figure 18   Add-on Status Box
  8. An add-on status box appears. Click OK.

  9. To update an ActiveX control, click the control in the list, then click Update ActiveX, and then click OK.

  10. Click OK to close the Manage Add-ons page.

  11. Click OK to close Internet Properties and then close Network and Internet Connections.

Verifying Internet Explorer Settings Are Applied

When you verify Internet Explorer settings, some tabs and options in the dialog boxes might be unavailable depending on your configuration.

To verify Internet Explorer settings are applied

  1. From Security Center, under Manage security settings for, click Internet Options.

  2. Click Privacy

  3. In the Pop-up Blocker area, verify that Block Pop-ups is selected and then click Settings.

  4. Verify that the desired exceptions, notifications, and filter levels are applied to your computer and then click Close to close Pop-up Blocker Settings.

  5. Click the Programs tab.

  6. Click Manage Add-ons and verify that the desired configuration of Enable or Disable is set for each Add-on and then click OK to close Manage Add-ons.

  7. Close Internet Properties then close Security Center.

  8. Close Control Panel

Configuring Outlook Express

E-mail programs use the features of HyperText Markup Language (HTML) to enhance the look and content of e-mails. HTML is used to add different colors and sizes to fonts as well as a number of other effects that change the appearance of an e-mail message. Unfortunately, using HTML has added two vulnerabilities to e-mail:

  • HTML can act as a conduit for scripts to run on your computer. This means that anyone who sends you an e-mail using HTML could cause your computer to run scripts to perform actions that you have no control over.

  • Businesses that use spam as a marketing technique typically include links—in the e-mails that they send out—to images on their Web servers. The recipient is not aware of potentially malicious content. When the user opens an e-mail that contains the link Outlook Express automatically contacts the Web server to download and display the images. When the request for the image is made to the Web server, it can ascertain that a spam e-mail message was received by an active e-mail account, thus validating the e-mail address in the spam originator’s mailing list.

To lessen the risks posed by these issues, Outlook Express includes the following features:

  • Plain text mode. This feature provides you with the option to display e-mail messages in plain text instead of HTML. This removes access to links that might be used for malicious purposes.

  • Don’t Download External HTML Content. This default feature prevents the verification of an active e-mail address with the spam originator because it does not allow the use of any external links. This feature also minimizes a common problem for computers that use dial-up network connections. Any attempt to view an HTML message that included external content causes the modem to dial out to download the external content.

  • Attachment Manager. Outlook Express calls the Attachment Manager when you receive e-mail attachments. If an attachment is considered safe, Outlook Express makes it completely available to you, displaying any safe images and making it possible to open safe attachments. Examples of attachments and file types included in this category are text files (.txt) and graphics files such as JPEGs (.jpg) and GIFs (.gif). If an attachment is identified as potentially unsafe, an executable program for example, Attachment Manager will block it so you won't be able to open it without taking explicit action. You will see a notice of the blockage. Examples of attachments in this category include executable files (.exe), screensavers (.scr), and script files (including .vbs). If the safety of an attachment is undetermined, you'll receive a warning when you try to move, save, open, or print the file.

    Note: Microsoft Windows Messenger, and Internet Explorer also use the Attachment Manager to handle e-mail attachments and Internet downloads. These programs and their components might be affected by modification of these settings.

    When you save files to your hard disk from a program that uses the Attachment Manager, the Web content zone information for the file is also saved with the file.

    Note: For more information about Attachment Manager, see the following:

To configure Outlook Express you must perform these procedures:

  • Enable Plain Text mode

  • Use Security Options to configure how Outlook Express handles attachments

Requirements to perform this task

  • Credentials: You must log on as a member of the Users group.

    Note: You do not have to log on as a member of the administrators security group to perform this task

Enabling Plain Text mode

To enable Plain Text mode

  1. Click Start, point to All Programs, and then click Outlook Express.

  2. In Outlook Express, click Tools, click Options, and then click the Read tab.

    Figure 19   Outlook Express Read options

    Figure 19   Outlook Express Read options
  3. In the Reading Messages section, select Read all messages in plain text, and then click Apply.

  4. Click the Send tab.

    Figure 20   Outlook Express Send options

    Figure 20   Outlook Express Send options
  5. Ensure that in the Mail Sending Format and News Sending Format areas that the Plain Text radio button is selected, and then click OK.

Using Security Options to Configure How Outlook Express Handles Attachments

The default settings for security options will meet the needs of most users.    

To use Security Options to configure how Outlook Express handles attachments

  1. In Outlook Express, click Tools, then click Options, and then click Security.

    Figure 21   Outlook Express Security options

    Figure 21   Outlook Express Security options
  2. To enable default settings, under Virus Protection selectthese options:

    Restricted sites zone (More secure)

    Warn me when other applications try to send mail as me

    Do not allow attachments to be saved or opened that could potentially be a virus

  3. To enable default settings, under Download Images select these options:

    Block images and other external content in HTML e-mail

  4. Click OK.

Verifying Outlook Express Settings Are Applied

To verify Outlook Express settings are applied

  1. Click Start, point to All Programs, and then click Outlook Express.

  2. In Outlook Express, click Tools, click Options, and then click the Read tab.

  3. Verify that Read all messages in plain text is selected then click the Send tab.

  4. Verify that in the Mail Sending Format and News Sending Format areas that Plain Text is selected, and then click the Security tab.

  5. Under Virus Protection select these options:

    Restricted sites zone (More secure)

    Warn me when other applications try to send mail as me

    Do not allow attachments to be saved or opened that could potentially be a virus

  6. Under Download Images select these options:

    Block images and other external content in HTML e-mail

  7. Click OK.

  8. Close Outlook Express.

Configuring Wireless Network Security

Wireless local area network (WLAN) technologies have become a popular network alternative to connect multiple computers in a home or small business. Although wireless networks introduce location flexibility, they also potentially increase the vulnerability of your computer and network environment and introduce security issues that do not exist with conventional wire-based networking technologies such as Ethernet connections. These security issues include:

  • Authentication requirements that specify which computers are allowed to join the wireless network.

  • Encryption settings that specify how transmitted wireless data is encrypted so that an eavesdropper cannot interpret the data being sent, or access network resources such as shared folders.

For a home or small office, there are two recommended choices for authentication and encryption:

  • Open system authentication with Wired Equivalent Privacy (WEP) encryption.

  • Wi-Fi Protected Access (WPA) with pre-shared network key authentication.

You should use WEP encryption only if all of your network devices do not support WPA. Microsoft strongly recommends using WPA-capable wireless devices.

Note: For more information about WPA see the following:

The Wireless Network Setup Wizard guides you through the configuration of wireless network settings and allows you to configure:

  • A name for your wireless connection service

  • The authentication and encryption method

  • A strong WEP or WPA network key

If you wish to copy the configuration to other wireless devices, the wizard can then write that configuration as a set of Extensible Markup Language (XML) files on a Universal Serial Bus (USB) flash drive. Plug the flash drive into an available USB port on other wireless devices in the home or small office that supports wireless networking to import these settings. The wireless devices automatically read the settings from the XML files stored on the flash drive and configure themselves with the same settings as the computer on which the Wireless Network Setup Wizard was initially run.

To use the Wireless Network Setup Wizard, complete the following task.

Requirements to perform this task

  • Credentials: You must log on to your computer as an account in the Administrators security group.

Using the Wireless Network Setup Wizard

To use the Wireless Network Setup Wizard

  1. Click Start, point to All Programs, point to Accessories, point to Communications, and then click Wireless Network Setup Wizard.

    Cc875822.protsi22(en-us,TechNet.10).gif

    Figure 22   Wireless Network Setup Wizard
  2. Click Next.

    Cc875822.protsi23(en-us,TechNet.10).gif

    Figure 23   Create a name for your wireless network

    Note: If you want the Wireless Network Setup Wizard to create a WEP key (instead of WPA), clear the Use WPA encryption check box. If you want the Wireless Network Setup Wizard to create a strong WPA network key select the Use WPA encryption check box.

  3. Type a name for your wireless network (also known as the Service Set Identifier [SSID]), then select either:

    Automatically assign a network key (recommended)

    Or

    Manually assign a network key

  4. Click Next.

    Note: If you select Manually assign a network key, you are prompted to enter a WEP or WPA key for your private network. You must enter and then confirm the key and then click Next.

    Cc875822.protsi24(en-us,TechNet.10).gif

    Figure 24   How do you want to set up your network
  5. Click either:

    Use a USB flash drive.The Wireless Network Setup Wizard prompts you to insert your flash device so that it can create the XML files for the wireless network configuration (which includes the wireless network name, authentication and encryption methods, and the WEP key or WPA network key). Click Next and then click Finish.

    Or

    Set up a network manually. The Wireless Network Setup Wizard prompts you to print the wireless network settings so that you can take the printed wireless network configuration to each wireless device for manual configuration. Click Next, then click Print Settings and then click Finish.

Verifying Wireless Network Security Settings Are Applied

To verify Wireless Network Security settings are applied

  1. From the Windows XP SP2 desktop, click Start, click Control Panel.

  2. Under Pick a category, click Network and Internet Connections.

  3. Click Network Connections, right-click your Wireless Network Connection object and then click Properties.

  4. On the Wireless Networks tab, under Preferred networks, select the wireless network you configured with the Wireless Network Setup Wizard and then click Properties.

  5. Click the Association and Authentication tabs, verify that the configuration you want is applied to your wireless network and then click OK to close your wireless network properties.

  6. Click OK to close your Wireless Network Connection Properties and then close Network Connections.

Related Information

For more information about Windows XP SP2 network protection, see the following:

For more information about Windows XP SP2 security, see the following:

For definitions of security-related terms, see the following:

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft