Do you know if the NV160 is vulnerable to the KRACK WPA Wifi Attack risk?
The short answer is yes it probably if not definitely is. ADTRAN is still investigating. See here: ADTRAN WPA2 KRACK Attack Advisory (ADTSA-KRA1001 REV A)
Almost certainly yes. The KRACK attack is against the protocol implementation itself regardless of vendor. If the device is compliant with the WPA2 specification and has firmware more than two weeks old, assume that it is vulnerable.
Adtran just released this: https://supportforums.adtran.com/servlet/JiveServlet/previewBody/8732-102-2-12375/ADTRAN%20WPA2%20KR...
Yes, it is vulnerable. No, it will not be fixed.
If we convert to a RADIUS server will the NV160’s still be vulnerable?
Yes. The attack is against the WPA/WPA2 algorithm itself. Once a user is authenticated the attack is possible. It doesn't matter if the original authentication was via RADIUS or a stored key on the device.
If we use wireless interclient separation option in the NV160’s will that prevent the attacks perhaps? Doesn’t that isolate each device?
No. The attack is against the WPA/WPA2 protocol itself. The NV160 is considered to be end-of-life and will not be fixed.
The risk is somewhat mitigated, however. Attacker has to be within the RF range of the device. Most sensitive data is encrypted end-to-end by underlying protocols such as SSL, IPSec, etc. so cracking the wireless encryption just gives the attacker an encrypted stream of data. Depending on the application, likelihood of an attacker within range, and the sensitivity of any plaintext data being sent, it might not be the type of vulnerability that requires an immediate forklift upgrade of all of the access points.