Related Links |
bintec X2250
Extensive routing functionality paired with secure wireless network access: the bintec X2250 wireless router
Funkwerk Enterprise Communications is proud to present the first member of the well-known bintec router family to be equipped with a wireless interface: the bintec X2250 wireless router. This router combines the features users are familiar with in the X-Generation and VPN series products with an 802.11b/g WLAN interface, thus enabling wireless access to the network as well.
Wireless network access according to 802.11b/g
The bintec X2250 operates in accordance with the 802.11g IEEE standard and transmits data at 54 Mbps in the 2.4 GHz frequency range. Because this standard is compatible with the slower 11 Mbps 802.11b variant, it is also possible to install the bintec X2250 in existing 11 Mbps environments. The router’s comprehensive range of features makes it easy to establish wireless, secure access to corporate resources or mobile access to the Internet.
Extensive security mechanisms
Although wireless routers make a comprehensive range of mobile applications possible, data transmission via the air interface is not without the risks that using a so-called shared medium harbor. Since this transmission medium can be accessed from virtually anywhere in the vicinity, this system places particularly high demands on secure data transmission. As a result, the router also supports the 802.11i IEEE standard, which specifically defines the security requirements in the WLAN. Thus, the bintec X2250 provides not only WEP encryption, it also offers a higher security level by supporting the 802.11i-compliant WPA specification. To further enhance security, it is also possible to define MAC filters to regulate access to the WLAN when a wireless client is registered.
Port-based WLAN access according to 802.1x
Many network attacks can be launched using fairly primitive methods as soon as access to the local network is available. If this access is already regulated at the port level this will mean increased security for the local network. The corresponding standard for port-based authentication is known as 802.1x and is also supported by the bintec X2250. 802.1x uses EAP (Extensible Authentication Protocol) to transmit authentication information between the access point and a Radius server. The bintec X2250 supports a wide variety of EAP variants, thus offering the greatest possible flexibility for the integration of 802.1x-based access control for WLAN.
Powerful encryption thanks to WPA
The first attempt at secure data transmission for WLANs was the WEP (Wired Equivalent Privacy) protocol. It soon became apparent, however, that this method of encryption in combination with keys of different lengths exhibited a number of vulnerabilities and conventional software tools were all that was needed to crack the code. To circumvent the weaknesses discovered in the WEP protocol, WPA (Wi-Fi Protected Access) was quickly developed, a secure method of encryption for WLANs. The bintec X2250 offers not only downward compatibility to existing WEP-encrypted WLANs, it also supports the secure WPA encryption. In addition to a preshared key using the TKIP protocol (Temporal Key Integrity Protocol), WPA also offers the option of user authentication according to 802.1x. Because the bintec X2250 supports the WPA enterprise and the WPA-PSK modes, it is equally suitable for implementation in corporate networks with their own Radius servers or in SOHO environments. Thus, the bintec X2250 is able to afford optimally secured access to the WLAN for application scenarios of any size.
Definition of different user groups
In the past, it was only possible to define one WLAN per wireless interface, which was then clearly classified by the SSID (Service Set Identifier). In supporting Multi SSID, however, the bintec X2250 now makes it possible to define several WLANs per interface to allow for different levels of WLAN security. If assigned an SSID of its own, a user group can be given a separate set of security regulations. The type of authentication or encryption can then be defined individually, as required. This makes it possible to provide internal network access via MAC filters and WPA Radius authentication parallel to unsecured Internet access via a bintec X2250.
Best possible reception
In order to provide optimal communications via the air interface, the bintec X2250 is equipped with a duo-antenna. Both receivers are tuned to the same frequency and take advantage of the antenna diversity function to afford optimized reception quality. Since even the slightest change in the direct environment or in the location of a wireless client can result in a change in reception quality for the bintec X2250, the two antenna receivers are configured so that communication takes place using the antenna with the best reception at any particular time.
Wireless infrastructures
Equipped with WDS (Wireless Distribution System) support, the bintec X2250 offers the option of establishing a wireless connection between two WLAN access points. This makes it possible to extend a wired infrastructure at points where laying additional lines would be either too expensive or very complicated. The flexibility achieved in using WDS functionality can, for example, effectively connect office space that is otherwise separated by public space.
Accustomed range of features
In addition to the new wireless functionalities, the bintec X2250 is a wireless router that affords the same range of convenient features as the previous bintec routers. Along with two Fast Ethernet interfaces, the device is equipped with an ISDN connection that is able to serve as an ISDN backup if the WAN connection should fail. The local network is secured by the integrated firewall function. In order to set up a secure VPN connection, the bintec X2250 is already equipped with five usable IPSec tunnels; additional tunnels can be activated following the purchase of a license.
The bintec X2250 operates in accordance with the 802.11g IEEE standard and transmits data at 54 Mbps in the 2.4 GHz frequency range. Because this standard is compatible with the slower 11 Mbps 802.11b variant, it is also possible to install the bintec X2250 in existing 11 Mbps environments. The router’s comprehensive range of features makes it easy to establish wireless, secure access to corporate resources or mobile access to the Internet.
Extensive security mechanisms
Although wireless routers make a comprehensive range of mobile applications possible, data transmission via the air interface is not without the risks that using a so-called shared medium harbor. Since this transmission medium can be accessed from virtually anywhere in the vicinity, this system places particularly high demands on secure data transmission. As a result, the router also supports the 802.11i IEEE standard, which specifically defines the security requirements in the WLAN. Thus, the bintec X2250 provides not only WEP encryption, it also offers a higher security level by supporting the 802.11i-compliant WPA specification. To further enhance security, it is also possible to define MAC filters to regulate access to the WLAN when a wireless client is registered.
Port-based WLAN access according to 802.1x
Many network attacks can be launched using fairly primitive methods as soon as access to the local network is available. If this access is already regulated at the port level this will mean increased security for the local network. The corresponding standard for port-based authentication is known as 802.1x and is also supported by the bintec X2250. 802.1x uses EAP (Extensible Authentication Protocol) to transmit authentication information between the access point and a Radius server. The bintec X2250 supports a wide variety of EAP variants, thus offering the greatest possible flexibility for the integration of 802.1x-based access control for WLAN.
Powerful encryption thanks to WPA
The first attempt at secure data transmission for WLANs was the WEP (Wired Equivalent Privacy) protocol. It soon became apparent, however, that this method of encryption in combination with keys of different lengths exhibited a number of vulnerabilities and conventional software tools were all that was needed to crack the code. To circumvent the weaknesses discovered in the WEP protocol, WPA (Wi-Fi Protected Access) was quickly developed, a secure method of encryption for WLANs. The bintec X2250 offers not only downward compatibility to existing WEP-encrypted WLANs, it also supports the secure WPA encryption. In addition to a preshared key using the TKIP protocol (Temporal Key Integrity Protocol), WPA also offers the option of user authentication according to 802.1x. Because the bintec X2250 supports the WPA enterprise and the WPA-PSK modes, it is equally suitable for implementation in corporate networks with their own Radius servers or in SOHO environments. Thus, the bintec X2250 is able to afford optimally secured access to the WLAN for application scenarios of any size.
Definition of different user groups
In the past, it was only possible to define one WLAN per wireless interface, which was then clearly classified by the SSID (Service Set Identifier). In supporting Multi SSID, however, the bintec X2250 now makes it possible to define several WLANs per interface to allow for different levels of WLAN security. If assigned an SSID of its own, a user group can be given a separate set of security regulations. The type of authentication or encryption can then be defined individually, as required. This makes it possible to provide internal network access via MAC filters and WPA Radius authentication parallel to unsecured Internet access via a bintec X2250.
Best possible reception
In order to provide optimal communications via the air interface, the bintec X2250 is equipped with a duo-antenna. Both receivers are tuned to the same frequency and take advantage of the antenna diversity function to afford optimized reception quality. Since even the slightest change in the direct environment or in the location of a wireless client can result in a change in reception quality for the bintec X2250, the two antenna receivers are configured so that communication takes place using the antenna with the best reception at any particular time.
Wireless infrastructures
Equipped with WDS (Wireless Distribution System) support, the bintec X2250 offers the option of establishing a wireless connection between two WLAN access points. This makes it possible to extend a wired infrastructure at points where laying additional lines would be either too expensive or very complicated. The flexibility achieved in using WDS functionality can, for example, effectively connect office space that is otherwise separated by public space.
Accustomed range of features
In addition to the new wireless functionalities, the bintec X2250 is a wireless router that affords the same range of convenient features as the previous bintec routers. Along with two Fast Ethernet interfaces, the device is equipped with an ISDN connection that is able to serve as an ISDN backup if the WAN connection should fail. The local network is secured by the integrated firewall function. In order to set up a secure VPN connection, the bintec X2250 is already equipped with five usable IPSec tunnels; additional tunnels can be activated following the purchase of a license.