IEEE 802.1X

From Free net encyclopedia

Image:8021X-Overview.png IEEE 802.1X is an IEEE standard for port-based Network Admission Control, part of the IEEE 802 (802.1) group of protocols. It provides authentication to devices attached to a LAN port, establishing a point-to-point connection or preventing access from that port if authentication fails. It is used for certain closed wireless access points, and is based on the EAP, Extensible Authentication Protocol (RFC 2284). RFC 2284 has been obsoleted by RFC 3748.

802.1X is available on certain network switches, and can be configured to authenticate hosts which are equipped with supplicant software, denying unauthorized access to the network at the data link layer.

Some vendors are implementing 802.1X with wireless access points to be used in certain situations where an access point needs to be operated as a closed access point, addressing the security vulnerabilities of WEP (see 802.11i). The authentication is usually done by a third-party entity, such as a RADIUS server. This provides for client-only authentication, or more appropriately, strong mutual authentication using protocols such as EAP-TLS. [1]

In many cases, the public is invited to the premises but not invited to connect to the network. In the case of a wired network, it is possible to control access through physical security on all network ports. As this does not apply to an IEEE 802.11 wireless signal, operators of closed access points are more likely to apply 802.1X or other network admission controls at the data link layer. This correlation between wireless networking and use of 802.1X authentication has led some to mistakenly call the standard "802.11x" when it is used in a wireless network.

External links

• IEEE page on 802.1X
• IEEE standard can be retrieved at no charge through the GetIEEE802 program: [2].

Template:Compu-network-stubde:IEEE 802.1x es:IEEE 802.1X it:IEEE 802.1x pl:802.1X fi:802.1x