XEAP Protocol Details

The protocol works in conjunction with a proposed standard defined in RFC 2284, "PPP Extensible Authe Protocol (EAP)." EAP provides a framework for multiple authentication types to occur using the same m< format. The three main components in an 802.1x exchange are as follows:

• Supplicant The client system connecting to the network

• Authenticator The Ethernet switch or other device to which the supplicant is attempting to conne

• Authentication server The server that houses the identity information for the supplicant, commc server of some kind

In 2003, supplicant client software became available for most versions of the Microsoft Windows operati UNIX, and Macintosh OS X. The open source implementation of 802.1x (used for UNIX and Macintosh) c downloaded at http://www.open1x.org.

One of the interesting characteristics of EAP is that only the supplicant and the authentication server ne the details of the EAP authentication method. The authenticator is able to package the EAP message in . understands (RADIUS, for example) and send it off to the authentication server. A reply will come back the authenticator whether to grant access to the supplicant. These EAP messages can take a number of forms, such as the following:

• EAP-MD5 MD5 authentication similar to CHAP

• EAP-TLS Digital certificatebased mutual authentication as defined in RFC 2716

• EAP-OTP OTP authentication as defined in RFC 1938, which is similar to S/KEY (RFC 1760)

• EAP-Token Generic token card that supports OTP as discussed in Chapter 4

In the future, additional authentication mechanisms can be defined without modifying the underlying EA 802.1x protocols. Figure 9-6 shows an 802.1x deployment for a wired LAN using EAP-MD5 for authentic MD5 is not particularly secure, but it is shown here because it is the simplest of the EAP types.

Figure 9-6. 802.1x/EAP-MD5 Connection Establishment

Figure 9-6. 802.1x/EAP-MD5 Connection Establishment

100 SEO Tips

100 SEO Tips

100 SEO Tips EVERY SEO Enthusiast Should Know. This Report 100 SEO Tips will help you to Utilize These Tips to Dominate The Search Engine Today.

Get My Free Ebook

Post a comment