Security features in the WVA
There are several security features in the WVA.
- For Wi-Fi security, the WVA uses WPA2 with pre-shared key (PSK).
- For user authentication, the WVA uses HTTP authentication.
Security for the Wi-Fi communications channel
The basic channel for communication between the WVA and a connected device is a Wi-Fi communication channel.
The security in place over the Wi-Fi communications channel varies depending on the network connection type:
- When the WVA is the access point: The Wi-Fi channel is secured using WPA2 with a pre-shared key, also known as WPA-PSK. WPA2 provides encryption over the channel, while the pre-shared key provides authentication.
- When the connected device is the access point: The connected device selects which kind of security key is in place. Some devices, such some models of smart phones, do not have security.
- When in Wi-Fi Direct mode: The Wi-Fi channel is secured using WPA-PSK, with the key being selected dynamically per the Wi-Fi Direct specification.
Security for activities performed over the Wi-Fi communications channel
Several activities performed over the Wi-Fi communications channel implement security.
| Activity | Protocol | Security in place |
|---|---|---|
| Web server, including web interface | HTTP/HTTPS | By default, the web interface uses HTTPS (encrypted), with HTTP basic authentication. The WVA devices creates a unique certificate for self-identification. Any display of warnings about certificates is handled through the web browser. In applications, code can handle the certificate management step. |
| Web services basic request/response | HTTP/HTTPS |
Some web services are protected with HTTP basic authentication. See the Index of web services resources. The Protected URI column identifies protected resources. |
| Web Services Event Channel | TCP | The Event Channel is a read-only channel using a dedicated TCP port. The channel is unencrypted. |
| Digi Remote Manager | EDP over SSL over TCP | Digi always requires that the channel for Digi Remote Manager communications from a Digi device be secure and encrypted, and that the server be verified. |
Modifying the security model
You can enable a different security model through the password web services resource. This resource sets the password for the admin username for the WVA.
CAUTION! Changing the admin password can make pairing of the WVA with a connecting device more difficult. A lost password could result in users not being able to access the WVA.
PDF
