Overlap Between Management Frame Protection Schemes ?
Last Post: July 3, 2018:
-
Cisco's proprietary MFP scheme, to limit some Layer-2 DoS attacks, was first required in the CCX-v5 (Cisco Certified Extensions) certification.
Later, the IEEE ratified the 802.11w-2009 amendment to address these and other management frame security issues.
In 2012 the Wi-Fi Alliance (WFA) began issuing its Wi-Fi Certified Protected Management Frame Test Plan certification, and since 2014 has made it one of the three general requirements for the Wi-Fi Certified 802.11ac certification. (Note that approximately 700 /ac devices were certified before that point and include AP's, phones, laptops, and others.)
My question is, how much overlap is there between these requirements ?
For example , does a WFA-PMF certified device, CCX certified or not, automatically perform all of the operations required by CCX ? Are there any dissimilarities that stop a device from working if it was certified under a different program ? How backwards compatible are they really ?
I realize their may be requirements for specific Cisco IE indicators etc, but what I am interested in are mostly incompatabilities with the different mechansims.
- 1