Export (0) Print
Expand All

Appendix A: 802.1X Authenticated Wireless Access Requirements

Updated: December 19, 2008

Applies To: Windows Server 2008, Windows Server 2008 R2

Windows Server 2008, Windows Vista, Windows XP, and Windows Server 2003 provide built-in support for 802.11 wireless LAN networking. An installed 802.11 wireless LAN network adapter appears as a wireless network connection in the Network Connections folder. Although there is built-in support for 802.11 wireless LAN networking, the wireless components of Windows are dependent upon the following:

  • The capabilities of the wireless network adapter. The installed wireless network adapter must support the wireless LAN or wireless security standards that you require. For example, if the wireless network adapter does not support Wi-Fi Protected Access (WPA), you cannot enable or configure WPA security options.

  • The capabilities of the wireless network adapter driver. To allow you to configure wireless network options, the driver for the wireless network adapter must support the reporting of all of its capabilities to Windows. Verify that the driver for your wireless network adapter was written for the capabilities of Windows Vista or Windows XP and is the most current version by checking Microsoft Update or the Web site of the wireless network adapter vendor.

The following table shows the transmission rates and frequencies for IEEE 802.11 wireless standards.

 

Standards Frequencies Bit Transmission Rates Usage

802.11

S-Band Industrial, Scientific, and Medical (ISM) frequency range (2.4 to 2.5 GHz)

2 megabits per second (Mbps)

Obsolete. Not commonly used.

802.11b

S-Band ISM

11 Mbps

Commonly used.

802.11a

C-Band ISM (5.725 to 5.875 GHz)

54 Mbps

Not commonly used due to expense and limited range.

802.11g

S-Band ISM

54 Mbps

Widely used. 802.11g devices are compatible with 802.11b devices.

802.11n (IEEE standards development are in progress)

C-Band and S-Band ISM

250 Mbps

Devices based on the pre-ratification IEEE 802.11n standard became available in August 2007. Many 802.11n devices are compatible with 802.11a, b, and g devices.

The following table shows wireless security standards and their corresponding authentication and encryption methods.

 

Security Standard Authentication Methods Encryption Methods Encryption Key Size (in bits) Comments

IEEE 802.11

Open system and shared key

Wired Equivalent Privacy (WEP)

40 and 104

Use is strongly discouraged due to weak Wi-Fi authentication and encryption.

IEEE 802.1X

Extensible Authentication Protocol (EAP) authentication methods

N/A

N/A

Strong EAP methods provide strong authentication.

Wi-Fi Protected Access (WPA)-Enterprise

802.1X

Temporal Key Integrity Protocol (TKIP) and Advanced Encryption Standard (AES) (optional)

128

Strong authentication (with strong EAP method) and strong (TKIP) or very strong (AES) encryption.

WPA-Personal

Pre-shared key (PSK)

TKIP and AES (optional)

128

Strong authentication (with strong PSK) and strong (TKIP) or very strong (AES) encryption.

WPA2-Enterprise

802.1X

TKIP and AES

128

Strong authentication (with strong EAP method) and strong (TKIP) or very strong (AES) encryption.

WPA2-Personal

PSK

TKIP and AES

128

Strong authentication (with strong PSK) and strong (TKIP) or very strong (AES) encryption.

Microsoft recommends that you use one of the following combinations of wireless security technologies (in order of most to least secure):

  1. WPA2 with AES encryption, PEAP-TLS or EAP-TLS authentication, and both user and computer certificates.

  2. WPA2 with AES encryption, PEAP-MS-CHAP v2 authentication, and a requirement for users to set strong user passwords.

  3. WPA with EAP-TLS or PEAP-TLS authentication and both user and computer certificates.

  4. WPA with PEAP-MS-CHAP v2 authentication and a requirement for users to set strong user passwords.

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft