A wireless network uses authentication and encryption to help stay secure. Authentication controls access to the wireless network. Encryption helps make sure that malicious users cannot determine the contents of wireless data frames.
Windows Vista includes a new wireless network configuration setting. The new setting indicates whether a wireless network is broadcast or non-broadcast. You can also use the new setting to configure how a Windows Vista wireless client connects to a non-broadcast network.
We recommend that you do not configure access points as non-broadcast (hidden) networks. If you have to connect to a non-broadcast network, we recommend that you do not use the automatic connection option. The automatic connection option discloses the Service Set Identifier (SSID) of the network, even when it is not in range.
The wireless access points of a non-broadcast wireless network do not broadcast the SSID. Wireless access points can hide their SSIDs by sending beacon frames whose SSID is set to NULL.
Because a non-broadcast wireless network is not visible during an active scan, a user must know the SSID to connect to the network. The user must also configure a preferred wireless network before the computer connects. However, a non-broadcast network can still be detected because the network is advertised in the probe requests that a wireless client sends. The network is also advertised in the responses to these probe requests. In this manner, wireless clients that are configured to connect to a non-broadcast network continually disclose the SSID of the network, even when the network is not in range.
To address this behavior, Windows Vista includes a new wireless network setting that indicates whether a wireless network is broadcast or non-broadcast. In Windows Vista, you can locally configure the new setting:
- In the Manually connect to a wireless network dialog box.
- In the properties dialog box for the wireless network.
- At the command prompt by using commands in the netsh wlan context.
- By using Group Policy.
When the Connect even if the network is not broadcasting
check box is selected, the Wireless Auto Configuration feature sends probe requests to discover if a non-broadcast network is in range.
A Windows Vista client computer sends these probe requests when the computer is configured to automatically connect to the network. Therefore, even though the wireless access points do not broadcast the name of their wireless network, they appear in the list of available wireless networks when they are in range. When the client computer detects that the network is in range, Wireless Auto Configuration tries to connect to the network regardless of whether it is configured as a broadcast network or as a non-broadcast network. By sending probe requests only for automatically connected non-broadcast networks, a Windows Vista wireless client computer reduces the situations in which it discloses its wireless network configuration.
You can also configure a non-broadcast wireless network to be manually connected. You can then control exactly when to send probe requests. A manually connected non-broadcast wireless network always appears in the list of available networks. Therefore, you can connect to the network as required.
You can use the Connect to a Network wizard to connect to non-broadcast networks in Windows Vista. When a Windows Vista wireless client computer receives a beacon frame that includes a null SSID, Windows Vista adds the wireless network to the list of available networks. Then, Windows Vista names the wireless network "Unnamed Network."
For more information about non-broadcast wireless networks and Windows Vista, visit the following Microsoft Web site: