Prerequisites for IEEE 802.1X Open Authentication IEEE 802.1X Port-Based Network Access Control Navigator to find information about platform support and Cisco software image Which each feature is supported, see the feature information table. The features documented in this module, and to see a list of the releases in Release notes for your platform and software release. May not support all the features documented in this module. Configuration Examples for IEEE 802.1X Open Authentication.How to Configure IEEE 802.1X Open Authentication.Information About IEEE 802.1X Open Authentication.Prerequisites for IEEE 802.1X Open Authentication.Open authentication is useful in an applications such as the Preboot Execution Environment (PXE), where a device must access the network to download a bootable image containing an authentication client. Keep in mind, however, that wireless security standards are a moving target, and standards other than those discussed here, such as the PEAP, are being developed and might be available by the time this book is.IEEE 802.1X Open Authentication allows a host to have network access without having to go through IEEE 802.1X authentication. However, unlike MAC filtering, 802.1X is very secure, since it relies on mechanisms that are much harder to compromise than MAC address filters, which can be easily compromised through spoofed MAC addresses.Īlthough a number of vendors implement their own RADIUS servers, security mechanisms, and protocols for securing networks through 802.1X, such as Cisco s LEAP and Funk Software s EAP-TTLS, this section focuses on implementing 802.1X on a Microsoft network using Internet Authentication Services (IAS) and Microsoft s Certificate Services. Like MAC filtering, 802.1X is implemented at Layer 2 of the Open System Interconnection (OSI) model: It will prevent communication on the network using higher layers of the OSI model if authentication fails at the MAC layer. These two services are used in combination with other security mechanisms, such as those provided by the Extensible Authentication Protocol (EAP), to further enhance the protection of wireless networks. Remote Authentication and Dial-In User Service (RADIUS) Provides for centralized authentication and accounting.Ĩ02.1X Provides a method of port-based authentication to local area network (LAN) ports in a switched network environment. To provide better security for wireless LANs and in particular to improve the security of WEP, a number of existing technologies used on wired networks were adapted for this purpose, including:
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |