Re: [WIRELESS-LAN] need help to substantiate an SSID recommendation

Thu, 24 Jan 2013 10:01:45 -0800 

Jake,
Your contact is correct in stating that using TKIP instead of AES will use less overhead on the AP/controller & client, because TKIP is less complex than AES (and less secure). You can extrapolate this to "using _no_ encryption will cut overhead dramatically". While our friends at NSA will tell us that no encryption scheme is 100% secure forever, most of us try to stay ahead of the hackers by using the most secure encryption and keys supported by the technology, and helping the technology companies understand our demand that they develop robust support for that security in their products. So I guess that my response to your contact concerning the encryption might have been a query as to (a) if his company's product had problems supporting AES, and under what conditions, and (b) ask when his company's products would be able to handle AES comfortably. 

Peter

On 1/24/2013 12:43 PM, Barros, Jacob wrote:

I feel silly asking this question but value your opinions.  We 
recently had some authentication errors that caused me to open a 
support case.  The engineer I was working with eluded to the fact that 
having a space in my SSID name could be contributing to the problem 
though not the root.  He also inferred that using TKIP instead of AES 
would cut processing requirements on the controller and therefore 
grant better performance.  I have not been able to confirm his 
opinions from those I have asked (including other engineers from the 
same company) nor in print.



We are using a single SSID for most of our campus, 'Grace WiFi' 
 WPA2-PSK AES. Theoretically, should I get better performance (or less 
overhead) from 'Grace-WiFi' WPA2-PSK TKIP?



Leaving the vendor/company out of this conversation, will you please 
comment on whether or not these changes will make a difference?  I 
would love to either substantiate or debunk this theory.




Jake Barros  |  Network Administrator  |  Office of Information Technology
Grace College and Seminary  |  Winona Lake, IN  |  574.372.5100 x6178

********** Participation and subscription information for this 
EDUCAUSE Constituent Group discussion list can be found at 
http://www.educause.edu/groups/.





--
Peter Murphy
Director Network Engineering & Security
Wayne State University
[email protected]
v: 313-577-4737

**********
Participation and subscription information for this EDUCAUSE Constituent Group 
discussion list can be found at http://www.educause.edu/groups/.






















					Reply via email to