What are Protected Management Frames?

What are Protected Management Frames?

Protected Management Frames (PMF) provide protection for unicast and multicast management action frames. Unicast management action frames are protected from both eavesdropping and forging, and multicast management action frames are protected from forging. They augment privacy protections already in place for data frames with mechanisms to improve the resiliency of mission-critical networks. PMF is required for all new certified devices.

Video

Wi-Fi Alliance News See All

The Beacon Blog See All

The Signal Podcast See All

Product Finder

Additional Resources

Frequently Asked Questions

What are “legacy protocols”?

Other legacy protocols are earlier generations of Wi-Fi security, which have been updated or replaced over time due to the changing security landscape needs. The original security standard was Wired Equivalent Privacy (WEP). It was replaced by the original Wi-Fi Protected Access (WPA) in 2003 as an interim solution to the limited protection offered by WEP. The WPA program added support for Temporal Key Integrity Protocol (TKIP) encryption, an older form of security technology with some vulnerability to cryptographic attacks. WPA was replaced in 2004 with more advanced protocols of WPA2.

Though the threat of a security compromise is small, users should not purchase new equipment which supports only WPA with TKIP. Only devices supporting WPA3 security should be purchased and used.

Are Wi-Fi CERTIFIED products protected by security?

As of July 1, 2020, all new Wi-Fi CERTIFIED devices require WPA3. The only way to be sure that a product meets the latest security standards is to purchase only Wi-Fi CERTIFIED products.

What does “security” mean in the context of Wi-Fi?

In the context of Wi-Fi technology, security means two things. First, controlling who can connect to and configure your network and equipment. Second, it means securing the data travelling wirelessly across your Wi-Fi network from unauthorized view.

Wi-Fi security is just one aspect of security for networks. A protected Wi-Fi network is a great start, but you should also consider measures to protect your computer (virus software, firewall, etc.) and your communications across the internet virtual private network (VPN), etc.

What security measures should I take when working away from my home?

Configure Wi-Fi client devices (laptops, handsets, and other Wi-Fi enabled products) to enable security protections.

Configure for approved connections: Many devices are set by default to sense and automatically connect to any available wireless signal. Wi-Fi Alliance recommends that you configure your device to not automatically connect to an open network without your approval.

Disable sharing: Wi-Fi enabled devices may automatically enable themselves to sharing / connecting with other devices when attaching to a wireless network. File and printer sharing may be common in business and home networks, but this should be avoided in a public network such as a hotel, restaurant, or airport hotspot.

Users may also wish to use complementary security measures to improve the security of their activity over the internet including virtual private networks (VPNs), firewalls, etc.

Wi-Fi Alliance Member Publications