|
How does 802.1X authentication apply to the home and small-office user?
Home and small-office users are not usually concerned with IEEE* 802.1X user authentication as outlined below. Network professionals or those interested in technology may find the topic interesting. This summary has been offered for informational purposes only. A small wireless setup requires clients with wireless adapters and an Access Point (AP) or broadband wireless router to gain Internet access via a DSL, cable or other types of modems.
IEEE 802.1X
IEEE 802.1X is a link-layer authentication standard for port-based access control. It was originally used in wired networking but has been modified to work with Wireless Local Area Networks (WLAN) through virtual ports. 802.1X is utilized for adding user-based authentication with RADIUS and EAP support to WLANs for improved security. The standard identifies and authenticates users before granting network access.
802.1X is based on the Extensible Authentication Protocol (EAP). Full network access is only granted once the user is positively identified. This is particularly advantageous in a Wireless Local Area Network (WLAN). Obtaining this verification early in the network connection process allows for much finer access controls because users can be classified and restricted before obtaining network access.
Extensible Authentication Protocol (EAP): General protocol for Point-to-Point Protocol (PPP) authentication that supports a variety of methods. Some common examples are LEAP, PEAP, EAP-TLS, and EAP-TTLS. There are several Internet Engineering Task Force (IETF) Request for Comments (RFC) addressing EAP (e.g. 3748). Details can be found at www.ietf.org.
†
Remote Access Dial-In User Service (RADIUS): Network authentication protocol and service originally used in wired networks for remote host access to networks. RADIUS is now used often in large-scale wireless networks for authenticating users and creating dynamic encryption keys. Some commercial products are Cisco ACS*, Microsoft IAS* and Funk Steel-Belted RADIUS*.
† This link will take you off of the Intel Web site. Intel does not control the content of the destination Web Site.
This applies to:
| 
