WARNING: This site is intended for online use only; mass-downloading of pages degrades the server and is prohibited.
If you attempt to use tools to mass-download the site, you may be blocked permanently by automated software.
If you want to read this CertiGuide offline, please use one of the links on the left to purchase a convenient PDF copy. Thank you.

Like what you see? Get it in one document for easy printing!
Click Here!
Use coupon code "certiguide" to save 20%!
(Expires 2004/12/31)

Test yourself better with 300 extra Security+ questions!
Get It Here!

Google
Web CertiGuide






Table Of Contents  CertiGuide to Security+
 9  Chapter 2:  Communication Security (Domain 2.0; 20%)
      9  2.1  Remote Access

Previous Topic/Section
2.1  Remote Access
Previous Page
Pages in Current Topic/Section
1
2
3
Next Page
 2.1.2  VPN
Next Topic/Section

2.1.1  802.1X
(Page 2 of 3)

What is 802.1X?



These issues open the door for the additional security features provided by 802.1X133, which uses a specific form of the Extensible Authentication Protocol (EAP), called EAP Over LANs (EAPOL). EAP, as described in RFC 2284134, provides an extensible authentication mechanism for use over PPP, allowing new authentication mechanisms (biometrics, smart cards, etc.) to be “plugged in” without the PPP protocol needing to understand them. EAPOL is an adaptation of EAP. It allows authentication information to be passed in network frames, rather than requiring that it be embedded in a higher-level protocol such PPP. This reduces network overhead for authentication, and removes the necessity to for the network to be running particular protocol suite such as TCP/IP.

801.a,b, etc

The 802.1 series of specifications has gone from relative obscurity to an explosion of alphabet soup. Search Networking has a nice audio only webcast online that will help decode the explostion, found in the footnotes135.

And in 2004 and beyond, a whole new set of wireless standards are showing up. Keep Wireless USB 136 , Multiple-input-multiple-output, or MIMO (pronounced "my-moh" or "mee-moh"). 137


How does it work? The potential network client passes authentication information through a wireless access point to a centralized authentication server, who validates the logon and permits certain network activities based on the identity of the client. For instance, the authentication server may install a certain set of firewall security rules or a specific VPN configuration for that client’s address, based on user identity.

Until a user is authenticated, the wireless network will only forward 802.1X traffic for that connection. Nothing else, such as attempts to browse the web, send mail, or obtain a local IP address via DHCP, will be permitted.

Figure 15: User requests login and receives a request to present “ID”. The request is passed to an authentication server which verifies the user and sends the OK to the access point which allows the user to log on.

 

 __________________

133. http://www.drizzle.com/~aboba/IEEE/11-02-TBDr0-I-Pre-Authentication.doc

134. http://www.ietf.org/rfc/rfc2284.txt

135. http://webevents.broadcast.com/techtarget/110602/net2

136. http://www.pcmag.com/article2/0,1759,1547614,00.asp

137. http://www.nwfusion.com/news/2004/0308mimo.html

Previous Topic/Section
2.1  Remote Access
Previous Page
Pages in Current Topic/Section
1
2
3
Next Page
 2.1.2  VPN
Next Topic/Section

If you find CertiGuide.com useful, please consider making a small Paypal donation to help the site, using one of the buttons below. You can also donate a custom amount using the far right button (not less than $1 please, or PayPal gets most/all of your money!) In lieu of a larger donation, you may wish to consider buying an inexpensive PDF equivalent of the CertiGuide to Security+ from StudyExam4Less.com. (Use coupon code "certiguide" by December 31, 2004 to save 20%!) Thanks for your support!
Donate $2
Donate $5
Donate $10
Donate $20
Donate $30
Donate: $


Home - Table Of Contents - Contact Us

CertiGuide for Security+ (http://www.CertiGuide.com/secplus/) on CertiGuide.com
Version 1.0 - Version Date: November 15, 2004

Adapted with permission from a work created by Tcat Houser et al.
CertiGuide.com Version © Copyright 2004 Charles M. Kozierok. All Rights Reserved.
Not responsible for any loss resulting from the use of this site.