Access Control and Authentication Mechanisms

Before allowing entities to access a network and its associated resources, the general mechanism is to authenticate the entity (a device and/or user) and then allow authorization based on the identity. The most common access control is binary: It either allows access or denies access based on membership in a group.


Extending access control, especially to the wireless world, means a more finely grained authorization; for example, you can allow access to the network and its resources for internal employees and allow Internet access for guests. Employees are also working on federations, so access can be allowed based on the entity’s membership in identity federations—for example, intercollege access ...

Get Cisco Wireless LAN Security now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.