Wi-Fi Connectivity Planning / Security |
Vocera supports industry standard security systems as well as popular proprietary security methods such as EAP-TLS and WPA-PEAP.
The following table summarizes the security support in Vocera.
Authentication | Encryption | C1000 Support | V5000 Support | B3000n Support |
---|---|---|---|---|
Open |
None WEP64 WEP128 Note: Vocera recommends that you do not choose encryption TKIP and AES in the
same WLAN.
|
Yes No No |
Yes No No |
Yes Yes Yes |
WPA-PEAP WPA-PSK EAP-FAST EAP-TLS |
TKIP-WPA TKIP-WPA TKIP-WPA TKIP-WPA |
No No No No |
No No No No |
Yes Yes Yes Yes |
WPA-PEAP WPA-PSK EAP-FAST EAP-TLS |
AES-CCMP AES-CCMP AES-CCMP AES-CCMP |
Yes Yes Yes Yes |
Yes Yes Yes Yes |
Yes Yes Yes Yes |
The WPA-PEAP, EAP-FAST, and EAP-TLS protocols typically require each user in a network environment to be authenticated with a unique set of credentials. However, each badge in a profile must have the same security properties so that the Vocera Voice Server can automatically update all badges when necessary. Consequently, Vocera supports device authentication for WPA-PEAP, EAP-FAST, and EAP-TLS, not user authentication.
Vocera recommends that all badges use the same set of credentials for network authentication. However, device authentication also support unique certificates for each badge when EAP-TLS is used.
The WiFi Alliance (WFA) has deprecated support for WEP, and newer versions of wireless controllers may not have configuration options for TKIP. Even though the B3000n and B3000 badges support WEP or TKIP, Vocera recommends not using them.
The following table displays details of the models, manufacturers, and the supported authentication tests conducted by Vocera.
Model | Manufacturer | Supported Authentication |
---|---|---|
Access Control Server (ACS) | Cisco | EAP-TLS, EAP-FAST, WPA-PEAP |
Internet Authentication Service (IAS) | Microsoft | EAP-TLS, WPA-PEAP (badge only) |
Steel-Belted Radius | Juniper Networks | PEAP |
Identity Service Engine (ISE) | Cisco | EAP-TLS, EAP-FAST, WPA-PEAP |
HostAPD | Opensource | EAP-TLS, EAP-FAST, WPA-PEAP |