Network access control on wired networks with IEEE 802.1X

Wireless users are accustomed to the ritual of providing login information before they connect to a local network. The IEEE 802.1X standard [1] defines a technique for port-based network access control that is used with most wireless access points.

Many admins don't realize IEEE 802.1X can also provide access control for conventional (wired) networks. The IEEE 802.1X authentication scheme actually offers several advantages over alternatives such as MAC-based port authentication, which is easily sniffed and often difficult to manage.

In the age of netbooks, an unauthorized laptop can plug in from almost anywhere on the network. Wary admins looking for better protection can use IEEE 802.1X to stop unauthorized access before the intruder reaches a browser window or login screen.

[...]

Use Express-Checkout link below to read the full article (PDF).

Buy Linux Magazine

SINGLE ISSUES
Print Issues
Digital Issues
 
SUBSCRIPTIONS
Print Subs
Digisubs
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Radius and 802.1X

    The Radius protocol is typically used to authenticate users in dial-up scenarios. But Radius is also useful in LAN environments: in combination with 802.1X, Radius forces users to authenticate at a low level before the switch opens up a port.

    more »
  • iNet Wireless Daemon

    Intel's iNet wireless daemon offers virtually all of the features found in the obsolete WPA Supplicant, and it is smaller by a factor of 10.

    more »
  • Security Lessons: HPC

    In a high-performance environment, you want speed as well as security. Kurt looks at some approaches to security that won't slow things down.

    more »
comments powered by Disqus