Network access control on wired networks with IEEE 802.1X

The Gatekeeper

Article from Issue 108/2009

Author(s): Sven Übelacker , Author(s): Nils Magnus

Did you think the IEEE 802.1X standard is only for wireless? We show you how to set up a network access control system on a wired network with IEEE 802.1X and a FreeRADIUS server.

Wireless users are accustomed to the ritual of providing login information before they connect to a local network. The IEEE 802.1X standard [1] defines a technique for port-based network access control that is used with most wireless access points.

Many admins don't realize IEEE 802.1X can also provide access control for conventional (wired) networks. The IEEE 802.1X authentication scheme actually offers several advantages over alternatives such as MAC-based port authentication, which is easily sniffed and often difficult to manage.

In the age of netbooks, an unauthorized laptop can plug in from almost anywhere on the network. Wary admins looking for better protection can use IEEE 802.1X to stop unauthorized access before the intruder reaches a browser window or login screen.

[...]

Use Express-Checkout link below to read the full article (PDF).