Chapter 16: Securing Your Wireless Network Cross-Ref For more on 802.1X, see Chapter 15. n WPA2 Eventually, the final 802.11i standard was ratified, and when it was, the Wi-Fi Alliance adopted it under the name WPA2. For all practical purposes, you can use WPA2 and 802.11i interchangeably, although WPA2 is the more common term by far. Like the first version of WPA, WPA2 comes in Personal and Enterprise varieties. The most significant change between WPA and WPA2 is that the latter offered a new security option: AES-CCMP (Advanced Encryption Standard-Counter Mode with Cipher Block Chaining Message Authentication Code Protocol). This brand of AES is (as of late 2009, at least) invulnerable to any of the exploits that have been found for WEP or WPA/TKIP and is generally considered completely secure as long as good passwords are used. The only downside to WPA2 is that it requires even newer equipment than WPA does, and some older prod- ucts that support WPA can't be upgraded to use WPA2. In the Apple world, any base station made before 2003 won't work with WPA2, and any Mac with the first-generation AirPort card, regardless of which version of Mac OS X it's running, can't use WPA2 either (although it can use WPA with Mac OS X 10.3 or later). Although the practical difference in security between WPA and WPA2 is slight, if you want the absolute latest and greatest in wireless security, make sure all your devices are new enough to support WPA2. Note Some access points, including all of Apple's base stations, have a mode that mixes WPA Personal and WPA2