Refill your coffee or Mountain Dew® because this chapter may require extra concentration. Here, we cover all the gory details of the authentication schemas used in Wi-Fi (and in other wired and wireless technologies). The majority of this chapter's content is most applicable to Wi-Fi, but many of the concepts translate to other wireless technologies.

Along with the authentication process of validating devices and/or users comes authorization, which defines what the user or device has access to once connected. We've already covered the mechanisms of segmentation, detailing exactly how the authorization policies may be enforced on the network.

Out of the three main types of security profiles for Wi-Fi, the most challenging and misunderstood concepts are related to the Enterprise (802.1X) secured networks because of their complexity. As you saw in Chapter 2, “Understanding Technical Elements,” for 802.1X to work configurations are required on the Wi-Fi infrastructure, the endpoints, and one or more authentication servers.

Because of that, the first three topics apply specifically to the configuration of 802.1X-secured networks—IEEE 802.1X, RADIUS, and EAP methods.

After that, certificates offer a good segue to the other types of security profiles since they apply not only to 802.1X networks, but also open networks servicing captive portals.