Currently we have the Airlink Security off in our 450, 450i and 450m AP's. Are others enabling it? Is there a significant overhead cost? Other pros/cons?
There is no performance penalty at all as it is done in hardware. No cons that I know of except if you have a mismatch in your SMs / APs when you turn it on then you will strand the SMs that are mismatched.
That is if you have a handful of SMs set for AES and you turn on DES encryption in the AP then those AES SMs will not be able to register to the AP.
1 Like
Encrypting the air interface of the Cambium radios has long been a debate. While a purist might say that "Security through obscurity" is not really security, one might argue that because Cambium uses a completely proprietary air interface, it is inherently more secure, therefore additional encryption of the air interface is not really necessary.
For example, one cannot take a non-Cambium device and sniff or capture traffic, such as you might be able to do with Wi-Fi or even LTE devices. Because they are standards-based, other devices can easily sniff and capture packets.
Encryption for standards-based devices is essential, and in my mind, mandatory. For peace of mind, and essentially a "best practice", I would also highly recommend using Airlink Security. We will be introducing 256-bit AES capabilities on the 450 platform in the next major software release as well.