Quadrature amplitude modulation. A modulation technique used by IEEE 802.11-compliant wireless LANs for transmission at 24 and 36 Mbps.
Quadrature amplitude modulation. A modulation technique used by IEEE 802.11-compliant wireless LANs for transmission at 48 and 54 Mbps.
Also called 802.1X for 802.11. 802.1X is the standard for wireless LAN security, as defined by the Institute of Electrical and Electronics Engineers (IEEE). An access point that supports 802.1X and its protocol, Extensible Authentication Protocol (EAP), acts as the interface between a wireless client and an authentication server, such as a Remote Authentication Dial-In User Service (RADIUS) server, to which the access point communicates over the wired network.
The IEEE standard that specifies carrier sense media access control and physical layer specifications for 1- and 2-megabit-per-second (Mbps) wireless LANs operating in the 2.4-GHz band.
The IEEE standard that governs the deployment of 5-GHz OFDM systems. It specifies the implementation of the physical layer for wireless UNII bands (see UNII 1 and UNII 2) and provides four channels per 100 MHz of bandwidth.
The IEEE standard that specifies carrier sense media access control and physical layer specifications for 5.5- and 11-Mbps 2.4-GHz wireless LANs.
The IEEE standard that specifies carrier sense media access control and physical layer specifications for 54-Mbps 2.4-GHz wireless LANs.
The IEEE standard that defines security standards for wireless LANs. It specifies encryption, authentication, and key management strategies for wireless data and system security. It includes the TKIP and AES-CCMP data-confidentiality protocols.
A wireless LAN data transceiver that uses radio waves to connect a wired network with wireless stations.
ad hoc network
A wireless network composed of stations without access points.
Advanced Encryption Standard encryption algorithm using Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP). AES-CCMP is the encryption protocol in the 802.11i standard.
A set of characters that contains both letters and numbers.
A station is configured properly to enable it to wirelessly communicate with an access point.
Specifies the amount of the frequency spectrum that is usable for data transfer. It identifies the maximum data rate that a signal can attain on the medium without encountering significant power loss.
Binary phase shift keying. A modulation technique used by IEEE 802.11-compliant wireless LANs for transmission at 1 Mbps.
broadcast key rotation
A security feature for use with dynamic WEP keys. If your client adapter uses LEAP, EAP-FAST, EAP-TLS, or PEAP authentication and you enable this feature, the access point changes the dynamic broadcast WEP key that it provides at the interval you select.
Complementary code keying. A modulation technique used by IEEE 802.11b-compliant wireless LANs for transmission at 5.5 and 11 Mbps.
Cisco Centralized Key Management. Using CCKM, authenticated client devices can roam from one access point to another without any perceptible delay during reassociation. An access point on your network provides wireless domain services (WDS) and creates a cache of security credentials for CCKM-enabled client devices on the subnet. The WDS access point's cache of credentials dramatically reduces the time required for reassociation when a CCKM-enabled client device roams to a new access point.
Cisco Key Integrity Protocol. Cisco's WEP key permutation technique based on an early algorithm presented by the IEEE 802.11i security task group.
A radio device that uses the services of an access point to communicate wirelessly with other devices on a local area network.
Carrier sense multiple access. A wireless LAN media access method specified by the IEEE 802.11 specification.
Cyclic redundancy check. A method of checking for errors in a received packet.
The range of data transmission rates supported by a device. Data rates are measured in megabits per second (Mbps).
A ratio of decibels to an isotropic antenna that is commonly used to measure antenna gain. The greater the dBi value, the higher the gain and the more acute the angle of coverage.
Dynamic Host Configuration Protocol. A protocol available with many operating systems that automatically issues IP addresses within a specified range to devices on the network. The device retains the assigned address for a specific administrator-defined period.
Direct-sequence spread spectrum. A type of spread spectrum radio transmission that spreads its signal continuously over a wide frequency band.
Packets that were received twice because an acknowledgement got lost and the sender retransmitted the packet.
Extensible Authentication Protocol. EAP is the protocol for the optional IEEE 802.1X wireless LAN security feature. An access point that supports 802.1X and EAP acts as the interface between a wireless client and an authentication server, such as a Remote Authentication Dial-In User Service (RADIUS) server, to which the access point communicates over the wired network.
Extensible Authentication Protocol - Flexible Authentication via Secure Tunneling. An 802.1X authentication type that is available for use with Windows 2000 and XP. With EAP-FAST, a username, password, and PAC are used by the client adapter to perform mutual authentication with the RADIUS server through an access point.
The most widely used wired local area network. Ethernet uses carrier sense multiple access (CSMA) to enable computers to share a network and operates at 10, 100, or 1000 megabits per second (Mbps), depending on the physical layer used.
A repository for files so that a local area network can share files, mail, and programs.
The size at which packets are fragmented and transmitted a piece at a time instead of all at once. The setting must be within the range of 64 to 2312 bytes.
A means of communication whereby each node receives and transmits simultaneously (two-way). See also
A device that connects two otherwise incompatible networks together.
Gigahertz. One billion cycles per second. A unit of measure for frequency.
A means of communication whereby each node receives and transmits in turn (one-way). See also
A set of characters consisting of ten numbers and six letters (0-9, A-F, and a-f).
Institute of Electrical and Electronics Engineers. A professional society serving electrical engineers through its publications, conferences, and standards development activities. The body responsible for the Ethernet 802.3 and wireless LAN 802.11 specifications.
The wired Ethernet network.
A device (such as an access point, bridge, or base station) that connects client adapters to a wired LAN.
The Internet Protocol address of a station.
IP subnet mask
The number used to identify the IP subnetwork, indicating whether the IP address can be recognized on the LAN or if it must be reached through a gateway.
Internetwork Packet Exchange. The NetWare network layer protocol used for transferring data from servers to workstations.
LEAP, or EAP-Cisco Wireless, is an 802.1X authentication type. With LEAP, a username and password are used by the client adapter to perform mutual authentication with the RADIUS server through an access point.
The Media Access Control (MAC) address is a unique serial number assigned to a networking device by the manufacturer.
Management frame protection (MFP) is a feature that allows management frames to be transmitted more securely. When MFP is enabled, the access point protects the management frames it transmits by adding a message integrity check information element (MIC IE) to each frame. Any attempt to copy, alter, or replay the frame invalidates the MIC, which causes devices that are configured to detect MFP frames to report the discrepancy.
The client adapter software configures MFP automatically based on how MFP is configured on the access point.
Message integrity check. MIC prevents bit-flip attacks on encrypted packets. During a bit-flip attack, an intruder intercepts an encrypted message, alters it slightly, and retransmits it, and the receiver accepts the retransmitted message as legitimate. The client adapter's driver must support MIC functionality, and MIC must be enabled on the access point.
Any of several techniques for combining user information with a transmitter's carrier signal.
Packets transmitted to multiple stations.
The echoes created as a radio signal bounces off of physical objects.
Orthogonal frequency division multiplexing. A multicarrier modulation method for broadband wireless communications.
Packets that were discarded because the access point had a temporary overload of packets to handle.
Protected access credentials. Credentials that are either automatically or manually provisioned and used to perform mutual authentication with the RADIUS server during EAP-FAST authentication. PACs are created by the Cisco Secure ACS server and are identified by an ID. The user obtains his or her own copy of the PAC from the server, and the ID links the PAC to the profile created in ADU. When manual PAC provisioning is enabled, the PAC file is manually copied from the server and imported onto the client device.
A basic message unit for communication across a network. A packet usually includes routing information, data, and sometimes error detection information.
Quality of service. QoS on wireless LANs provides prioritization of traffic from the access point over the WLAN based on traffic classification. The benefits of QoS become more obvious as the load on the wireless LAN increases, keeping the latency, jitter, and loss for selected traffic types within an acceptable range.
Quadrature phase shift keying. A modulation technique used by IEEE 802.11-compliant wireless LANs for transmission at 2 Mbps.
The frequency at which a radio operates.
A linear measure of the distance that a transmitter can send a signal.
A measurement of the weakest signal a receiver can receive and still correctly translate it into data.
Radio frequency. A generic term for radio-based technology.
A feature of some access points that enables users to move through a facility while maintaining an unbroken connection to the LAN.
The packet size at which an access point issues a request to send (RTS) before sending the packet.
A radio transmission technology that spreads data over a much wider bandwidth than otherwise required in order to gain benefits such as improved interference tolerance and unlicensed operation.
Service set identifier. A unique identifier that stations must use to be able to communicate with an access point. The SSID can be any alphanumeric entry up to a maximum of 32 characters.
Temporal Key Integrity Protocol. Also referred to as WEP key hashing. A security feature that defends against an attack on WEP in which the intruder uses the initialization vector (IV) in encrypted packets to calculate the WEP key. TKIP removes the predictability that an intruder relies on to determine the WEP key by exploiting IVs.
The power level of radio transmission.
Packets transmitted in point-to-point communication.
Unlicensed National Information Infrastructure. An FCC regulatory domain for 5-GHz wireless devices. UNII bands are 100 MHz wide and divided into four channels when using 802.11a OFDM modulation.
A UNII band dedicated to in-building wireless LAN applications. UNII 1 is located at 5.15 to 5.25 GHz and allows for a maximum transmit power of 40 mW (or 16 dBm) with an antenna up to 6 dBi. UNII 1 regulations require a nonremovable, integrated antenna.
A UNII band dedicated to in-building wireless LAN applications. UNII 2 is located at 5.25 to 5.35 GHz and allows for a maximum transmit power of 200 mW (or 23 dBm) with an antenna up to 6 dBi. UNII 2 regulations allow for an auxiliary, user-installable antenna.
A UNII band dedicated to wireless LAN applications. UNII 3 is located at 5.725 to 5.825 GHz and allows for a maximum transmit power of 1 Watt (or 30 dBm) with an antenna up to 6 dBi. UNII 3 regulations allow for an auxiliary, user-installable antenna.
A switched network that is logically segmented by functions, project teams, or applications rather than on a physical or geographical basis. For example, all workstations and servers used by a particular workgroup team can be connected to the same VLAN regardless of their physical connections to the network or the fact that they might be intermingled with other teams. You use VLANs to reconfigure the network through software rather than physically unplugging and moving devices or wires.
A VLAN consists of a number of end systems, either hosts or network equipment (such as bridges and routers), connected by a single bridging domain. The bridging domain is supported on various pieces of network equipment such as LAN switches that operate bridging protocols between them with a separate group for each VLAN.
Wireless domain services (WDS). An access point providing WDS on your wireless LAN maintains a cache of credentials for CCKM-capable client devices on your wireless LAN. When a CCKM-capable client roams from one access point to another, the WDS access point forwards the client's credentials to the new access point with the multicast key. Only two packets pass between the client and the new access point, greatly shortening the reassociation time.
Wired equivalent privacy. An optional security mechanism defined within the 802.11 standard designed to protect your data as it is transmitted through your wireless network by encrypting it through the use of encryption keys.
Wi-Fi Multimedia. WMM is a component of the IEEE 802.11e wireless LAN standard for quality of service (QoS). It specifically supports priority tagging and queuing.
A computing device with an installed client adapter.
Wi-Fi Protected Access. A standards-based security solution from the Wi-Fi Alliance that provides data protection and access control for wireless LAN systems. It is compatible with the IEEE 802.11i standard but was implemented prior to the standard's ratification. WPA uses TKIP and MIC for data protection and 802.1X for authenticated key management.
Wi-Fi Protected Access 2. The next generation of Wi-Fi security. It is the Wi-Fi Alliance's implementation of the ratified IEEE 802.11i standard. WPA2 uses AES-CCMP for data protection and 802.1X for authenticated key management.