802.1X Authentication

802.1X 802.1X is an IEEE standard for port-based network access control designed to enhance 802.11 WLAN security. 802.1X provides an authentication framework that allows a user to be authenticated by a central authority. is an IEEE Institute of Electrical and Electronics Engineers. standard that provides an authentication framework for WLANs Wireless Local Area Network. WLAN is a 802.11 standards-based LAN that the users access through a wireless connection.. 802.1X 802.1X is an IEEE standard for port-based network access control designed to enhance 802.11 WLAN security. 802.1X provides an authentication framework that allows a user to be authenticated by a central authority. uses the EAP Extensible Authentication Protocol. An authentication protocol for wireless networks that extends the methods used by the PPP, a protocol often used when connecting a computer to the Internet. EAP can support multiple authentication mechanisms, such as token cards, smart cards, certificates, one-time passwords, and public key encryption authentication.  to exchange messages during the authentication process. The authentication protocols that operate inside the 802.1X 802.1X is an IEEE standard for port-based network access control designed to enhance 802.11 WLAN security. 802.1X provides an authentication framework that allows a user to be authenticated by a central authority. framework that are suitable for wireless networks include EAP-TLS EAP–Transport Layer Security. EAP-TLS is a certificate-based authentication method supporting mutual authentication, integrity-protected ciphersuite negotiation and key exchange between two endpoints. See RFC 5216., PEAP Protected Extensible Authentication Protocol. PEAP is a type of EAP communication that addresses security issues associated with clear text EAP transmissions by creating a secure channel encrypted and protected by TLS., and EAP-TTLS EAP–Tunneled Transport Layer Security. EAP-TTLS is an EAP method that encapsulates a TLS session, consisting of a handshake phase and a data phase. See RFC 5281.. These protocols allow the network to authenticate the client while also allowing the client to authenticate the network.

This section describes the following topics:

Other types of authentication not discussed in this section can be found in the following sections of this guide: