13.3. IEEE Standards

IEEE creates some popular standards for networking.

13.3.1. The 411 on 802.1X

The IEEE standard for port-based network access control, the 802.1X standard, is part of IEEE's 802.1 group of networking protocols. Originally designed for use in wired networks, but adapted to address WLAN security concerns, 802.1X delivers a robust, extensible security framework, as well as powerful authentication and data privacy capabilities.

NOTE

The 802.1X standard securely exchanges user or device credentials and prevents virtually any unauthorized network access because it completes authentication before it assigns a network IP address.

The 802.1X standard provides a sturdy foundation for many NAC solutions because of its strong, durable security and authentication. The fact that the 802.1X standard has been in the field, and market-tested and deployed in many 802.1X wireless networks, has helped speed NAC adoption and ensure stable interoperability.

A secure 802.1X network needs only three components:

  • Supplicant: A software client loaded on an endpoint device that supplies the client side of the 802.1X standard. The supplicant can be part of a wired or wireless environment, and it requests network access.

  • Authenticator: A device, which sits between the endpoint device and the network infrastructure, that performs user or device authentication. Authenticators can include devices such as network switches and wireless access points.

  • Authentication server: These servers can ...

Get Network Access Control For Dummies® now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.